MidnightBSD

Advisories for johannes_ekberg

CVE-2012-1026 HIGH

Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
johannes_ekberg xray_cms 1.1.1