NVD

Id
24694  
Name
CVE-2015-2679  
Description
Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php or (2) username parameter to gxadmin/login.php.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2015-03-23  
Modified Date
2016-12-02  
Seq
2015-2679  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
129986 24694 CVE-2015-2679 http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17  View
129987 24694 CVE-2015-2679 http://blog.metalgenix.com/update-security-fix-and-add-newsletter-module/16  View
129988 24694 CVE-2015-2679 http://packetstormsecurity.com/files/130770/GeniXCMS-0.0.1-SQL-Injection.html  View
129989 24694 CVE-2015-2679 36321  View
129990 24694 CVE-2015-2679 73297  View
129991 24694 CVE-2015-2679 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5232.php  View
129992 24694 CVE-2015-2679 https://github.com/semplon/GeniXCMS/commit/698245488343396185b1b49e7482ee5b25541815  View
129993 24694 CVE-2015-2679 https://github.com/semplon/GeniXCMS/issues/7  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
6590 JVNDB-2015-001910 MetalGenix GeniXCMS における SQL インジェクションの脆弱性 MetalGenix GeniXCMS には、SQL インジェクションの脆弱性が存在します。 CVE-2015-2679 79904 CVE-2015-2679 24694 7.5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001910.html 2015-03-14 2015-03-25 View