EUVD-2016-5046

Malware in sbrugna...

CVE-2016-4040

SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote administrators to execute arbitrary SQL commands via the orderby parameter...

dotCMS < 3.3.2 SQLi Vulnerability

dotCMS is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dotcms:dotcms"; if...

DotCMS Workflow Screen SQL Injection Vulnerability

DotCMS is a content management system CMS from the American company DotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A SQL injection vulnerability exists in Workflow Screen in DotCMS versions prior to 3.3.2. A remote attacker ca...

CVE-2016-4040

SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote administrators to execute arbitrary SQL commands via the orderby parameter...

Sql injection

SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote administrators to execute arbitrary SQL commands via the orderby parameter...

CVE-2016-4040

CVE-2016-4040 affects dotCMS prior to version 3.3.2. A SQL injection in the Workflow Screen allows remote administrators to execute arbitrary SQL commands through the orderby parameter. Exploitation would impact data confidentiality, integrity, and availability as described by CVSS metrics (base ...