CVE-2017-5345

Published January 12th, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated editors to execute arbitrary SQL commands via the term parameter to the default URI.

GeniXCMS/GeniXCMS

Simple and Lightweight CMS Framework

GitHub