cfreer

2 exploits Active since Nov 2017
CVE-2015-3933 EXPLOITDB CRITICAL text WORKING POC
MetalGenix GeniXCMS <0.0.3-patch - SQL Injection
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary SQL commands via the (1) email parameter or (2) userid parameter to register.php.
CVSS 9.8
CVE-2015-3934 EXPLOITDB CRITICAL text WORKING POC
Fiyo CMS 2.0_1.9.1 - SQL Injection via id Parameter or user Parameter
Multiple SQL injection vulnerabilities in Fiyo CMS 2.0_1.9.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps/app_article/controller/rating.php or (2) user parameter to user/login.
CVSS 9.8