Critical severity9.8NVD Advisory· Published Jun 24, 2017· Updated Jun 17, 2026
CVE-2017-9848
CVE-2017-9848
Description
SQL injection vulnerability in C_InfoService.asmx in WebServices in Easysite 7.0 could allow remote attackers to execute arbitrary SQL commands via an XML document containing a crafted ArticleIDs element within a GetArticleHitsArray element.
Affected products
2- cpe:2.3:a:easysitecms:easysite:7.0.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.