Arbitrary SQL Command Execution in Digital Signage Xibo 1.4.2 via index.php
CVE-2013-4887 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
SQL injection vulnerability in index.php in Digital Signage Xibo 1.4.2 allows remote attackers to execute arbitrary SQL commands via the displayid parameter.
Learn more about our Web Application Penetration Testing UK.