Published: 23/03/2015 Updated: 03/12/2016

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS prior to 0.0.2 allow remote malicious users to execute arbitrary SQL commands via the (1) page parameter to index.php or (2) username parameter to gxadmin/login.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
genixcms genixcms

GeniXCMS v001 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: wwwgenixcmsorg Affected version: 001 Summary: GenixCMS is a PHP Based Content Management System and Framework (CMSF) It's a simple and lightweight of CMSF Very suitable for Intermediate PHP developer to Advanced Developer Some manual c ...

CWE-89 http://packetstormsecurity.com/files/130770/GeniXCMS-0.0.1-SQL-Injection.html http://osvdb.org/show/osvdb/119393 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5232.php https://github.com/semplon/GeniXCMS/issues/7 http://osvdb.org/show/osvdb/119392 http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17 http://blog.metalgenix.com/update-security-fix-and-add-newsletter-module/16 https://github.com/semplon/GeniXCMS/commit/698245488343396185b1b49e7482ee5b25541815 http://www.exploit-db.com/exploits/36321 http://www.securityfocus.com/bid/73297 https://nvd.nist.gov https://www.exploit-db.com/exploits/36321/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-2679

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect