2 matches found
Jasmine CMS 1.0 - SQL Injection/Remote Code Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ?php errorreporting0; inisetmaxexecutiontime,0; inisetdefaultsockettimeout,5; if $argc4 print -------------------------------------------------------------------------\r\n; print Jasmine CMS 1.0 SQL Injection/Remote Code...
CVE-2007-3313
CVE-2007-3313 involves two SQL injection vulnerabilities in Jasmine CMS 1.0 that allow remote attackers to execute arbitrary SQL commands via (1) login.php’s login_username and (2) news.php’s item parameter. The associated CVSS v2 base score is 7.5 (HIGH) with vector AV:N/AC:L/Au:N/C:P/I:P/A:P, i...