04 Jui 2017
CVE-2017-9427 - CVE Vulnerability
SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core\admin\modules\developer\modules\designer\form-create.php. The attacker creates a crafted table name at admin/developer/modules/designer/ and the injection is visible at admin/dashboard/vitals-statistics/integrity/check/?external=true. (CVSS:0.0) (Last Update:2017-06-04)
Vulnerability Details : SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core\admin\modules\developer\modules\designer\form-create.php. The attacker creates a crafted table name at admin/developer/modules/designer/ and the injection is visible at admin/dashboard/vitals-statistics/integrity/check/?external=true. Publish Date : 2017-06-04 Last Update Date : 2017-06-04 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2017-9427
- References For CVE-2017-9427
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2017-9427There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |