Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
CSZ CMS 1.2.9 has a Time and Boolean-based Blind SQL Injection vulnerability in the endpoint /admin/export/getcsv/article_db, via the fieldS[] and orderby parameters.
- http://packetstormsecurity.com/files/166535/CSZ-CMS-1.2.9-SQL-Injection.html
- https://github.com/cskaza/cszcms/issues/31
- https://www.exploit-db.com/exploits/50846
- https://github.com/ARPSyndicate/cvemon
- https://github.com/karimhabush/cyberowl