mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-26 20:40:27 +01:00
823 B
823 B
CVE-2015-6516
Description
SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier allows remote authenticated users to execute arbitrary SQL commands via the search parameter to ajax/ajax_search.php.
POC
Reference
- http://packetstormsecurity.com/files/132672/sysPass-1.0.9-SQL-Injection.html
- https://www.exploit-db.com/exploits/37610/
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-031.txt
Github
No PoCs found on GitHub currently.