Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1364

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2015-1364
Last Modified 28 Jan 2015 10:53:42
Published 27 Jan 2015 03:04:19
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-1364

Summary

SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter to register/.

Vulnerable Systems

Application

  • Freereprintables Articlefr 3.0.5


References

MISC - http://www.itas.vn/news/itas-team-found-out-a-sql-injection-vulnerability-in-articlefr-cms-72.html

EXPLOIT-DB - 35857

FULLDISC - 20150121 SQL injection vulnerability in articleFR CMS 3.0.5


Last Updated: 27 May 2016 11:07:38