SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote malicious users to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sphere.xlentprojects spherecms 1.1 |