CVE-2015-5659

Network Applied Communication Laboratory Pref Shimane CMS <2.0.1 - ...

Title source: llm

Description

SQL injection vulnerability in Network Applied Communication Laboratory Pref Shimane CMS 2.x before 2.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

References (6)

Core 6

Core References

Patch x_refsource_confirm

https://github.com/NaCl-Ltd/pref-shimane-cms/commit/ab96ec7661f15a0129940eed9215c91f1acbf564

View Patch ZIP pw:eip

Vendor Advisory third-party-advisory x_refsource_jvndb

http://jvndb.jvn.jp/jvndb/JVNDB-2015-000158

Vendor Advisory third-party-advisory x_refsource_jvn

http://jvn.jp/en/jp/JVN84982142/index.html

Patch x_refsource_confirm

https://github.com/NaCl-Ltd/pref-shimane-cms/commit/5ec03cb174513844c410ee7fba594c544ba80ce2

View Patch ZIP pw:eip

Various Sources x_refsource_confirm

https://github.com/NaCl-Ltd/pref-shimane-cms/blob/master/README.md

View Writeup ZIP pw:eip

Third Party Advisory x_refsource_confirm

http://jvn.jp/en/jp/JVN84982142/995760/index.html

Scores

EPSS 0.0171

EPSS Percentile 74.4%

Details

CWE

CWE-89

Status published

Products (1)

network_applied_communication_laboratory/shimane_prefecture_cms 2.0.0

Published Oct 11, 2015

Tracked Since Feb 18, 2026