SineCms SQL Injection and Script Insertion - Exabytes Security Portal

Categories

Applications (222)
Blogs (7)
Content Management (148)
Customer Relationship (2)
Discussion Boards (29)
E-Commerce (14)
General Purpose Directories (2)
Image Galleries (18)
Mailing Lists (1)
Tips (3)
Vulnerabilities (337)
Access Bypass (50)
Cross Site Scripting (123)
Denial Of Service (2)
File Inclusion (51)
Information Disclosure (15)
Privilege Escalation (2)
Remote Command Execution (16)
Session Hijacking (2)
SQL Injection (130)

SineCms SQL Injection and Script Insertion

Published by David December 28th, 2007 in Cross Site Scripting and SQL Injection.

Application: SineCms
Affected Version: SineCms 2.x
Vendor’s URL: Module download page
Bug Type: Cross Site Scripting
Risk Level: Critical

Solution:
Update to version 2.2.6 of the Guestbook module and version 2.2.4 of the Calendar module.

0 Responses to “SineCms SQL Injection and Script Insertion”

Feed for this Entry Trackback Address

No Comments

Leave a Reply

You must login to post a comment.