Описание
SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed.
SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-2070
- http://osvdb.org/show/osvdb/118356
- http://packetstormsecurity.com/files/130386/eTouch-Samepage-4.4.0.0.239-SQL-Injection-File-Read.html
- http://seclists.org/fulldisclosure/2015/Feb/47
- http://www.exploit-db.com/exploits/36089
- http://www.securityfocus.com/bid/74883
Связанные уязвимости
nvd
почти 11 лет назад
SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed.