CVE-2015-3933
Published
CVSS v3
N/A
CVSS v2
7.5
HIGH
Affected
1
PROJECT
Description
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary SQL commands via the (1) email parameter or (2) userid parameter to register.php.
GitHub