Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-23358

Disclosure Date: February 16, 2022 (last updated October 07, 2023)
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0