NuytsTech Security

CVE-2015-2679

by ·

Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php or (2) username parameter to gxadmin/login.php.

Date published : 2015-03-23

http://www.securityfocus.com/bid/73297

http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17

Tags: