← volver
CVE-2015-8355

CVE-2015-8355

EPSS 1.7%
Multiple SQL injection vulnerabilities in the orion.extfeedbackform module before 2.1.3 for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) order or (2) "by" parameter to admin/orion.extfeedbackform_efbf_forms.php.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.htbridge.com/advisory/HTB23280http://www.securityfocus.com/archive/1/537130/100/0/threaded