CVE-2007-6656

SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the templateid parameter.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cmsmadesimple:cms_made_simple:*:*:*:*:*:*:*:*

History

07 Nov 2023, 02:01

Type Values Removed Values Added
References
  • {'url': 'http://forum.cmsmadesimple.org/index.php/topic,18240.0.html', 'name': 'http://forum.cmsmadesimple.org/index.php/topic,18240.0.html', 'tags': [], 'refsource': 'CONFIRM'}
  • () http://forum.cmsmadesimple.org/index.php/topic%2C18240.0.html -

Information

Published : 2008-01-04 11:46

Updated : 2024-02-28 11:01


NVD link : CVE-2007-6656

Mitre link : CVE-2007-6656

CVE.ORG link : CVE-2007-6656


JSON object : View

Products Affected

cmsmadesimple

  • cms_made_simple
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')