Multiple SQL injection vulnerabilities in dotCMS (8x CVE)

November 1, 2016 007admin Leave a comment

Posted by Elar Lang on Nov 01

Title: Multiple SQL injection vulnerabilities in dotCMS (8x CVE)
Credit: Elar Lang / https://security.elarlang.eu
Vendor/Product: dotCMS (http://dotcms.com/)
Vulnerability: SQL injection
Vulnerable version: before 3.5; 3.3.1 and 3.3.2 (depends on CVE)
CVE: CVE-2016-8902, CVE-2016-8903, CVE-2016-8904, CVE-2016-8905,
CVE-2016-8906, CVE-2016-8907, CVE-2016-8908, CVE-2016-4040

# Multiple SQL injections in dotCMS framework.

## CVE-2016-8902 -…

007 Software

Multiple SQL injection vulnerabilities in dotCMS (8x CVE)

Leave a Reply Cancel reply

Software and Security Information