SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database.
References
Link | Resource |
---|---|
https://github.com/flatCore/flatCore-CMS/issues/29 | Issue Tracking Patch Third Party Advisory |
Configurations
Information
Published : 2017-04-14 11:59
Updated : 2017-04-21 06:04
NVD link : CVE-2017-7878
Mitre link : CVE-2017-7878
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
flatcore
- flatcore-cms