vendor:
Simple CMS FrameWork
by:
Red-D3v1L
N/A
CVSS
N/A
Remote SQL Injection
Unknown
CWE
Product Name: Simple CMS FrameWork
Affected Version From: Simple CMS FrameWork 1.0
Affected Version To: Simple CMS FrameWork 1.0
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2009
Simple CMS FrameWork 1.0 Remote SQL Injection Vulnerability
The Simple CMS Framework version 1.0 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by injecting SQL code into the 'id' parameter in the 'index.php' file. This can lead to unauthorized access to the database and potential data leakage. An example of the exploit URL is provided in the text.
Mitigation:
Unknown