CVE-2016-15034
Severity CVSS v4.0:
Pending analysis
Type:
CWE-89
SQL Injection
Publication date:
10/07/2023
Last modified:
17/05/2024
Description
A vulnerability was found in Dynacase Webdesk and classified as critical. Affected by this issue is the function freedomrss_search of the file freedomrss_search.php. The manipulation leads to sql injection. Upgrading to version 3.2-20180305 is able to address this issue. The patch is identified as 750a9b35af182950c952faf6ddfdcc50a2b25f8b. It is recommended to upgrade the affected component. VDB-233366 is the identifier assigned to this vulnerability.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
5.20
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:anakeen:dynacase_webdesk:*:*:*:*:*:*:*:* | 2.0.3 (excluding) |
To consult the complete list of CPE names with products and versions, see this page