CVE-2014-8366

CVE-2014-8366

EPSS 2.1%

SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/127284/openSIS-5.3-SQL-Injection.html http://seclists.org/fulldisclosure/2014/Jun/151 http://secunia.com/advisories/59114