Description
SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter.
Exploits (1)
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://www.npds.org/viewtopic.php?topic=26189&forum=12
Vendor Advisory x_refsource_confirm
http://www.npds.org/viewtopic.php?topic=26233&forum=12
Exploit x_refsource_misc
http://packetstormsecurity.com/files/130179/NPDS-CMS-Revolution-13-SQL-Injection.html
Exploit x_refsource_misc
http://websecgeeks.com/npds-cms-sql-injection/
Scores
EPSS
0.0109
EPSS Percentile
78.1%
Details
CWE
CWE-89
Status
published
Products (1)
npds/revolution
13.0
Published
Feb 03, 2015
Tracked Since
Feb 18, 2026