Description

SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField.

Remediation

References

CVE-2008-6753

Related Vulnerabilities

PHP Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2002-0985)

MySQL CVE-2020-2897 Vulnerability (CVE-2020-2897)

PHP Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2015-8878)

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2005-0543)

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0081)

Severity

High

Classification

CVE-2008-6753 CWE-138

Tags

Missing Update Known Vulnerabilities