Critical severity9.8NVD Advisory· Published Oct 18, 2017· Updated Jun 17, 2026
CVE-2017-15579
CVE-2017-15579
Description
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:phpsugar:php_melody:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:phpsugar:php_melody:*:*:*:*:*:*:*:*range: <=2.7.2
- (no CPE)range: <2.7.3
Patches
Vulnerability mechanics
References
2- blogs.securiteam.com/index.php/archives/3464nvdExploitThird Party Advisory
- www.phpsugar.com/blog/2017/10/php-melody-v2-7-3-maintenance-release/nvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.