CVE-2017-15578
HIGHPhpsugar Php Melody < 2.7.2 - SQL Injection
Title source: ruleDescription
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php.
Exploits (1)
Scores
CVSS v3
8.8
EPSS
0.0020
EPSS Percentile
42.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (1)
phpsugar/php_melody
< 2.7.2
Published
Oct 18, 2017
Tracked Since
Feb 18, 2026