VYPR
Critical severity9.8NVD Advisory· Published Dec 19, 2017· Updated Jun 17, 2026

CVE-2017-15875

CVE-2017-15875

Description

SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the "checkemail" parameter.

Affected products

2
  • GPWeb/GPWeb2 versions
    cpe:2.3:a:sistemagpweb:gpweb:8.4.61:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:sistemagpweb:gpweb:8.4.61:*:*:*:*:*:*:*
    • (no CPE)range: =8.4.61

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.