First published: Thu Apr 28 2022(Updated: )
SQL Injection vulnerability in Victor CMS v1.0, via the user_name parameter to /includes/login.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Victor Cms Project Victor Cms | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-28060 is a SQL Injection vulnerability in Victor CMS v1.0 via the user_name parameter to /includes/login.php.
CVE-2022-28060 has a severity rating of 7.5 (high).
Victor CMS v1.0 is affected by CVE-2022-28060.
To fix CVE-2022-28060, update to a version of Victor CMS that does not have this vulnerability or apply a patch provided by the vendor.
CVE-2022-28060 is classified as CWE-89 (SQL Injection).