CVE-2017-17607

CMS Auditor Website 1.0 is affected by an SQL injection vulnerability reachable via PATH_INFO to /news-detail. The CVE entry notes an SQLi impact affecting confidentiality, integrity, and availability with high/severe severities (CVSS v2 base 7.5 HIGH; CVSS v3 base 9.8 CRITICAL). The vulnerabilit...