HomePentest-Tools.com Logo

CMS Made Simple <= 2.2.16 SQLi Vulnerability CVE-2021-28999

Severity
CVSSv3 Score
8.8
Vulnerability description

CMS Made Simple is prone to an SQL injection (SQLi) vulnerability.

Risk description

SQL Injection vulnerability in CMS Made Simple allows remote attackers to execute arbitrary commands via the m1_sortby parameter to modules/News/function.admin_articlestab.php.

Recommendation

No known solution is available as of 16th May, 2023. Information regarding this issue will be updated once solution details are available.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
May 8, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available