Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2012-5342

Description

Multiple SQL injection vulnerabilities in SenseSites CommonSense CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) special.php, (2) article.php, or (3) cat2.php.

POC

Reference

- http://packetstormsecurity.org/files/108426/CommonSense-CMS-Blind-SQL-Injection.html

Github

No PoCs found on GitHub currently.