Description

SQL injection vulnerability in blogs/htsrv/viewfile.php in b2evolution 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via the root parameter.

Remediation

References

CVE-2012-5910

Related Vulnerabilities

MySQL CVE-2018-3161 Vulnerability (CVE-2018-3161)

Magento Incorrect Authorization Vulnerability (CVE-2022-34256)

Python CVE-2018-1061 Vulnerability (CVE-2018-1061)

Oracle Database Server CVE-2010-4421 Vulnerability (CVE-2010-4421)

MongoDb Other Vulnerability (CVE-2013-2132)

Severity

Medium

Classification

CVE-2012-5910 CWE-138

Tags

Missing Update Known Vulnerabilities