EDB-41377webappsphp검증됨

dotCMS 3.6.1 - Blind Boolean SQL Injection

Ben Nott2/16/2017Port 80

Exploit-DB에서 보기 GitLab에서 소스 보기

AI 분석AI 기반

익스플로잇 코드

Exploit code not available in database

GitLab에서 소스 보기

CVE-2017-5344

9.8CRITICAL

An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query ex

An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query ex...

2/17/2017CWE-89

AI 분석AI 기반

익스플로잇 코드

관련 CVE (1)

CVE-2017-5344

An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query ex