Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c parameter to u5admin/editor.php; (8) typ parameter to u5admin/meta2.php; or (9) newname parameter to u5admin/rename2.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:15:51
Updated: 2022-10-03T16:15:51
Reserved: 2022-10-03T00:00:00
Link: CVE-2015-1576
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-02-11T19:59:03.917
Modified: 2015-02-12T17:52:23.413
Link: CVE-2015-1576
JSON object: View
Redhat Information
No data.
CWE