CVE-2014-9464

Published January 3rd, 2015

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

SQL injection vulnerability in Category.php in Microweber CMS 0.95 before 20141209 allows remote attackers to execute arbitrary SQL commands via the category parameter when displaying a category, related to the $parent_id variable.

microweber/microweber

Drag and Drop Website Builder and CMS with E-commerce

GitHub

3.42K