MidnightBSD

Advisories for gsi-office

CVE-2015-5376 HIGH

SQL injection vulnerability in the login form in GSI WiNPAT Portal 3.2.0.1001 through 3.6.1.0 allows remote attackers to execute arbitrary SQL commands via the username field.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
gsi-office winpat_portal 3.6.1.0
gsi-office winpat_portal 3.2.0.1001