Sign in Subscribe

← All advisories

Critical severity9.8NVD Advisory· Published Oct 18, 2017· Updated May 13, 2026

CVE-2017-15579

CVE-2017-15579

Description

In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.

Affected products

1

Phpsugar/PHP Melody
cpe:2.3:a:phpsugar:php_melody:*:*:*:*:*:*:*:*
Range: <=2.7.2

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

blogs.securiteam.com/index.php/archives/3464nvdExploitThird Party Advisory
www.phpsugar.com/blog/2017/10/php-melody-v2-7-3-maintenance-release/nvdRelease NotesVendor Advisory

News mentions

0

No linked articles in our index yet.