CVE-2015-1400
published 2015-02-03CVE-2015-1400: SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter.
PriorityP349high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.41%
82.0th percentile
SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| npds | revolution | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/130179/NPDS-CMS-Revolution-13-SQL-Injection.htmlhttp://websecgeeks.com/npds-cms-sql-injection/http://www.npds.org/viewtopic.php?topic=26189&forum=12http://www.npds.org/viewtopic.php?topic=26233&forum=12http://packetstormsecurity.com/files/130179/NPDS-CMS-Revolution-13-SQL-Injection.htmlhttp://websecgeeks.com/npds-cms-sql-injection/http://www.npds.org/viewtopic.php?topic=26189&forum=12http://www.npds.org/viewtopic.php?topic=26233&forum=12
2015-02-03
Published