Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the search feature and the (3) SearchContentClassAttributeID parameter to the advancedsearch feature.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
eZ Publish 多个SQL注入漏洞
Vulnerability Description
eZ Systems Publish是挪威eZ Systems公司的一套开源的PHP内容管理系统和开发框架(CMS/CMF)。该系统提供可自由定制和可扩展的内容模型,适用于新闻发布、电子商务(B2B与B2C)、门户与社区网站。 eZ Publish 3.7.0 版本到 4.2.0版本中存在多个SQL注入漏洞。远程攻击者可以借助搜索功能的(1) SectionID 和 (2) SearchTimestamp参数,高级搜索功能的(3) SearchContentClassAttributeID参数执行任意的S
CVSS Information
N/A
Vulnerability Type
N/A