Vulnerability Details CVE-2015-5659
SQL injection vulnerability in Network Applied Communication Laboratory Pref Shimane CMS 2.x before 2.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.6%
CVSS Severity
CVSS v2 Score 6.5
References
- http://jvn.jp/en/jp/JVN84982142/995760/index.html
- http://jvn.jp/en/jp/JVN84982142/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000158
- https://github.com/NaCl-Ltd/pref-shimane-cms/blob/master/README.md
- https://github.com/NaCl-Ltd/pref-shimane-cms/commit/5ec03cb174513844c410ee7fba594c544ba80ce2
- https://github.com/NaCl-Ltd/pref-shimane-cms/commit/ab96ec7661f15a0129940eed9215c91f1acbf564
- http://jvn.jp/en/jp/JVN84982142/995760/index.html
- http://jvn.jp/en/jp/JVN84982142/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000158
- https://github.com/NaCl-Ltd/pref-shimane-cms/blob/master/README.md
- https://github.com/NaCl-Ltd/pref-shimane-cms/commit/5ec03cb174513844c410ee7fba594c544ba80ce2
- https://github.com/NaCl-Ltd/pref-shimane-cms/commit/ab96ec7661f15a0129940eed9215c91f1acbf564
Products affected by CVE-2015-5659
-
cpe:2.3:a:network_applied_communication_laboratory:shimane_prefecture_cms:2.0.0