CVE-2016-8902 in dotCMSinfo

Zusammenfassung

von MITRE

SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote not authenticated attackers to execute arbitrary SQL commands via the sort parameter.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

24.10.2016

Veröffentlichung

14.11.2016

Moderieren

akzeptiert

Eintrag

VDB-93220

CPE

bereit

CWE

CWE-89 (bestätigt)

CVSS

9.8 (NVD)

EPSS

0.01437

KEV

nein

Aktivitäten

very low

Sektor

Hostingprovider, Agriculture, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-8902
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-8902
CVE Details	https://www.cvedetails.com/cve/CVE-2016-8902/

◂ Zurück Übersicht Weiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!