CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-5347

SQL injection vulnerability in inc/mod/newsletter/options.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the recipient parameter to gxadmin/index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.0%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

http://www.securityfocus.com/bid/95684
https://github.com/semplon/GeniXCMS/issues/61
http://www.securityfocus.com/bid/95684
https://github.com/semplon/GeniXCMS/issues/61

Products affected by CVE-2017-5347

Metalgenix » Genixcms » Version: 0.0.8

cpe:2.3:a:metalgenix:genixcms:0.0.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5347

Products

Pricing

Contact Us