PT-2017-13721 · Mojoomla · Mojoomla Wpgym Wordpress Gym Management System

Ihsan Sencan

·

Publicado

2017-09-27

·

Atualizado

2017-10-05

·

CVE-2017-14844

CVSS v2.0

6.5

Média

VetorAV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Mojoomla WPGYM WordPress Gym Management System (affected versions not specified)
Description The issue allows SQL Injection via the id parameter.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2017-14844

Produtos afetados

Mojoomla Wpgym Wordpress Gym Management System