Easycms - Easycms CVE

Filtered by vendor Easycms Subscribe

Filtered by product Easycms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-23358	1 Easycms	1 Easycms	2022-02-23	7.5 HIGH	9.8 CRITICAL
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement.

Vulnerabilities (CVE)