HomePentest-Tools.com Logo

Baby Gekko CMS Multiple Vulnerabilities CVE-2012-5698CVE-2012-5699CVE-2012-5700

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Baby Gekko CMS is prone to multiple vulnerabilities.

Risk description

Multiple errors exist due to: - Insufficient validation of input passed via the keyword, query and id parameters to /admin/index.php script. - Insufficient validation of input passed via the app parameter to index.php script. - Insufficient validation of input passed via the username and password HTTP POST parameters to the index.php script. Successful exploitation will allow remote attackers to inject or manipulate SQL queries in the back-end database and execute arbitrary HTML and script code in a users browser session in the context of an affected site.

Recommendation

Upgrade to 1.2.2f, 1.2.4, or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jan 23, 2020
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available