Full Disclosure

SQL-Injection in administrative Backend of Sefrengo CMS v.1.6.0

Leave a comment

Posted by Steffen Rösemann on Jan 06

Advisory: SQL-Injection in administrative Backend of Sefrengo CMS v.1.6.0
Advisory ID: SROEADV-2015-04
Author: Steffen Rösemann
Affected Software: CMS Sefrengo v.1.6.0 (Release-Date: 18th-Feb-2014)
Vendor URL: http://www.sefrengo.org/start/start.html
Vendor Status: fixed
CVE-ID: –

==========================
Vulnerability Description:
==========================

The Content Management System Sefrengo v.1.6.0 contains SQL-Injection…

Leave a Reply