CVE-2016-15034

Source
https://nvd.nist.gov/vuln/detail/CVE-2016-15034
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-15034.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-15034
Published
2023-07-10T18:15:10Z
Modified
2025-01-15T00:57:19.691249Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability was found in Dynacase Webdesk and classified as critical. Affected by this issue is the function freedomrsssearch of the file freedomrsssearch.php. The manipulation leads to sql injection. Upgrading to version 3.2-20180305 is able to address this issue. The patch is identified as 750a9b35af182950c952faf6ddfdcc50a2b25f8b. It is recommended to upgrade the affected component. VDB-233366 is the identifier assigned to this vulnerability.

References

Affected packages

Git / github.com/dynacase-labs/dynacase-webdesk

Affected ranges

Type
GIT
Repo
https://github.com/dynacase-labs/dynacase-webdesk
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

v1.*

v1.3.3
v1.4.1
v1.4.2
v1.4.3
v1.4.4

v2.*

v2.0.0
v2.0.1
v2.0.2