RSS   Podatności dla
'Content resource management system'   RSS

2019-12-09
 
CVE-2015-3425

CWE-79
 
 
Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cph_content$_uig_formState parameter.

 
 
CVE-2015-3424

CWE-89
 
 
SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter.

 

Copyright 2024, cxsecurity.com

 

Back to Top