CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 4CVE-2011-0645 – phpCMS 2008 - SQL Injection
https://notcve.org/view.php?id=CVE-2011-0645
25 Jan 2011 — SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the where_time parameter in a get action. Vulnerabilidad de inyección SQL en data.php para PHPCMS 2008 V2 permite a atacantes remotos ejecutar comandos SQL a través del parámetro where_time en una acción "get". • https://www.exploit-db.com/exploits/16019 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 4CVE-2011-0644 – phpCMS 2008 - SQL Injection
https://notcve.org/view.php?id=CVE-2011-0644
25 Jan 2011 — SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flash_upload.php. Vulnerabilidad de inyección SQL en include/admin/model_field.class.php para PHPCMS 2008 V2 permite a atacantes remotos ejecutar comandos SQL a través del parámetro modelid en flash_upload.php. • https://www.exploit-db.com/exploits/16019 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •