SQL Injection Vulnerability in GeniXCMS 0.0.8: Remote Authenticated Editors Can Execute Arbitrary SQL Commands

SQL Injection Vulnerability in GeniXCMS 0.0.8: Remote Authenticated Editors Can Execute Arbitrary SQL Commands

CVE-2017-5345 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated editors to execute arbitrary SQL commands via the term parameter to the default URI.

Learn more about our Cms Pen Testing.