W3b Cms: Security Vulnerabilities
SQL injection vulnerability in admin/index.php in w3b>cms (aka w3blabor CMS) before 3.4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the benutzername parameter (aka Username field) in a login action.
CVSS Score
6.8
EPSS Score
0.005
Published
2009-02-16