Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 27/01/2015 Updated: 28/01/2015

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote malicious users to execute arbitrary SQL commands via the username parameter to register/.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freereprintables articlefr 3.0.5

# Exploit Title: SQL injection vulnerability in articleFR CMS 305 # Google Dork: N/A # Date: 01/21/2015 # Exploit Author: Tran Dinh Tien (tiendtran@itasvn) & ITAS Team (wwwitasvn) # Vendor Homepage: freereprintablescom # Software Link: githubcom/articlefr/articleFR # Version: version 305 # Tested on: Linux # CVE : N/A ...

CWE-89 http://www.exploit-db.com/exploits/35857 http://seclists.org/fulldisclosure/2015/Jan/81 http://www.itas.vn/news/itas-team-found-out-a-sql-injection-vulnerability-in-articlefr-cms-72.html https://nvd.nist.gov https://www.exploit-db.com/exploits/35857/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-1364

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect