2 matches found
CVE-2015-3424
CVE-2015-3424 affects Accentis Content Resource Management System. A SQL injection vulnerability exists in the SIDX parameter that allows remote attackers to execute arbitrary SQL commands. The issue is tied to input filtering flaws prior to the October 2015 patch; patched versions released aroun...
CVE-2015-3425
CVE-2015-3425 is a stored XSS vulnerability in Accentis Content Resource Management System, exploitable via the parameter ctl00$cph_content$_uig_formState. Multiple connected sources confirm the issue affects Accentis CRM/resource management software prior to the October 2015 patch and that authe...