SQL injection vulnerability in zero_transact_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter in a Submit Comment action.
References
Configurations
Information
Published : 2014-07-09 07:55
Updated : 2015-09-02 10:05
NVD link : CVE-2014-4194
Mitre link : CVE-2014-4194
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
aas9
- zerocms