CVE-2015-0919

Multiple SQL injection vulnerabilities in the administrative backend in Sefrengo before 1.6.1 allow remote administrators to execute arbitrary SQL commands via the (1) idcat or (2) idclient parameter to backend/main.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sefrengo:sefrengo:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-01-08 15:59

Updated : 2024-02-28 12:20


NVD link : CVE-2015-0919

Mitre link : CVE-2015-0919

CVE.ORG link : CVE-2015-0919


JSON object : View

Products Affected

sefrengo

  • sefrengo
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')