CVE-2014-8366

CVE-2014-8366

EPSS 2.1%

SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/127284/openSIS-5.3-SQL-Injection.html http://seclists.org/fulldisclosure/2014/Jun/151 http://secunia.com/advisories/59114