SiteEngine is a PHP-based content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "module" parameter of the "comments.php" script before using it in an SQL query. SiteEngine version 7.1 is affected.
Ref: http://www.securityfocus.com/bid/45056
10.49.31 - CVE: Not Available
Platform: Web Application - SQL Injection
Ref: http://www.securityfocus.com/bid/45056
10.49.31 - CVE: Not Available
Platform: Web Application - SQL Injection
0 comments:
Post a Comment