CVE-2015-7567
CRITICALYeager CMS 1.2.1 - SQL Injection via Password Reset Token Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2015-7567. PoCs published by SEC Consult.
AI-analyzed exploit summary This is a security advisory detailing multiple vulnerabilities in Yeager CMS 1.2.1, including SQL injection, arbitrary file upload, SSRF, and XSS. It provides proof-of-concept URLs and descriptions but does not contain executable exploit code.
Description
SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL commands via the "passwordreset&token" parameter.
Exploits (1)
This is a security advisory detailing multiple vulnerabilities in Yeager CMS 1.2.1, including SQL injection, arbitrary file upload, SSRF, and XSS. It provides proof-of-concept URLs and descriptions but does not contain executable exploit code.
References (4)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H