Genixcms: >> Genixcms >> 0.0.6 Security Vulnerabilities
GeniXCMS before 1.1.0 allows remote attackers to cause a denial of service (account blockage) by leveraging the mishandling of certain username substring relationships, such as the admin<script> username versus the admin username, related to register.php, User.class.php, and Type.class.php.
CVSS Score
5.3
EPSS Score
0.006
Published
2017-09-10
SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter.
CVSS Score
7.3
EPSS Score
0.005
Published
2017-01-01