CVE-2022-27412

Name of the Vulnerable Software and Affected Versions Explore CMS version 1.0

Description The issue is related to a lack of protection against SQL query structure exploitation, which can lead to remote attackers performing cross-site scripting attacks. The vulnerability can be exploited via a "/page.php?id=" request, allowing for SQL injection attacks.

Recommendations For Explore CMS version 1.0, consider disabling the /page.php endpoint or restricting access to it until a patch is available to prevent SQL injection attacks. As a temporary workaround, avoid using the id parameter in the /page.php endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.