Blind SQL Injection Vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) Allows Remote Code Execution and Privilege Escalation

Blind SQL Injection Vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) Allows Remote Code Execution and Privilege Escalation

CVE-2023-48987 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Blind SQL Injection vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.