maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html.
References
| Link | Resource |
|---|---|
| https://github.com/magicblack/maccms10/issues/931 | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
24 Aug 2022, 19:53
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Maccms maccms
Maccms |
|
| References | (MISC) https://github.com/magicblack/maccms10/issues/931 - Exploit, Issue Tracking, Patch, Third Party Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| CPE | cpe:2.3:a:maccms:maccms:10.0:2022.1000.3031:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2022.1000.3001:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2022.1000.1099:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2022.1000.3005:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2022.1000.3030:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2022.1000.3025:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2022.1000.3028:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2022.1000.3002:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2021.1000.1081:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2022.1000.3026:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2022.1000.3004:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2022.1000.3029:*:*:*:*:*:* cpe:2.3:a:maccms:maccms:10.0:2022.1000.3027:*:*:*:*:*:* |
|
| CWE | CWE-89 |
17 Aug 2022, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-08-17 21:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-35148
Mitre link : CVE-2022-35148
CVE.ORG link : CVE-2022-35148
JSON object : View
Products Affected
maccms
- maccms
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')