RSS   Vulnerabilities for 'E2'   RSS

2014-07-24
 
CVE-2014-4736

CWE-89
 

 
SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process.

 

 >>> Vendor: Blogengine 2 Products
Blogengine.net
E2


Copyright 2024, cxsecurity.com

 

Back to Top