Description
SQL injection vulnerability in m_worklog/log_searchday.jsp in Enorth Webpublisher CMS, possibly 5.0 and earlier, allows remote attackers to execute arbitrary SQL commands via the thisday parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by xin.wang · textwebappsphp
https://www.exploit-db.com/exploits/38862
References (2)
Core 2
Core References
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2013/Dec/35
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/64110
Scores
EPSS
0.0036
EPSS Percentile
58.4%
Details
CWE
CWE-89
Status
published
Products (1)
enorth/webpublisher_cms
< 5.0
Published
Dec 09, 2013
Tracked Since
Feb 18, 2026