High severity7.2NVD Advisory· Published Jan 12, 2017· Updated Jun 17, 2026
CVE-2017-5346
CVE-2017-5346
Description
SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter to gxadmin/index.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
genix/cmsPackagist | < 1.0.0 | 1.0.0 |
Affected products
2Patches
Vulnerability mechanics
References
6- code610.blogspot.com/2017/01/genixcms-sql-injection-quick-autopsy.htmlnvdExploitThird Party AdvisoryWEB
- github.com/semplon/GeniXCMS/issues/61nvdExploitIssue TrackingPatchWEB
- www.securityfocus.com/bid/95655nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-2ppw-6xvg-rwgwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-5346ghsaADVISORY
- github.com/semplon/GeniXCMS/commit/abfbb6103bfa860275f89d1215ed9c3cba94791eghsaWEB
News mentions
0No linked articles in our index yet.