SQL Injection Vulnerabilities in Translations in Fork CMS before 3.8.6

SQL Injection Vulnerabilities in Translations in Fork CMS before 3.8.6

CVE-2015-1467 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.