| ID | CVE-2016-3688 | ||||||
| Sažetak | SQL injection vulnerability in dotCMS before 3.5 allows remote administrators to execute arbitrary SQL commands via the c0-e3 parameter to dwr/call/plaincall/UserAjax.getUsersList.dwr. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:L/Au:S/C:P/I:N/A:N | ||||||
| Zadnje važnije ažuriranje | 28-04-2016 - 17:14 | ||||||
| Objavljeno | 19-04-2016 - 14:59 |
