CVE-2014-4852

7.5

Critical

CVE-2014-4852

10 Jul 2014

cve@mitre.org

Modified

Description

SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits

392382014-07-07webappsPHP

AtomCMS - SQL Injection / Arbitrary File Upload

By Jagriti Sahu

References

cve@mitre.org

http://packetstormsecurity.com/files/127371/Atom-CMS-Shell-Upload-SQL-Injection.html

cve@mitre.org

http://www.securityfocus.com/bid/68437

af854a3a-2127-422b-91ae-364da2661108

http://packetstormsecurity.com/files/127371/Atom-CMS-Shell-Upload-SQL-Injection.html

af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/68437

CVE-2014-4852 - CVE-2014-4852 | Cyber Hub