06 Jui 2017
CVE-2017-9449 - CVE Vulnerability
SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core/admin/modules/developer/modules/views/create.php. The attacker creates a crafted table name at admin/developer/modules/views/create/ and the injection is visible at admin/ajax/auto-modules/views/searchable-page/ or admin/modules_name. (CVSS:0.0) (Last Update:2017-06-06)
Vulnerability Details : SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core/admin/modules/developer/modules/views/create.php. The attacker creates a crafted table name at admin/developer/modules/views/create/ and the injection is visible at admin/ajax/auto-modules/views/searchable-page/ or admin/modules_name. Publish Date : 2017-06-06 Last Update Date : 2017-06-06 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2017-9449
- References For CVE-2017-9449
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2017-9449There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |