High severity8.8NVD Advisory· Published Jul 2, 2021· Updated Jun 17, 2026
CVE-2021-27950
CVE-2021-27950
Description
A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through 1.2.3.12 allows an authenticated attacker to execute arbitrary SQL commands via the id parameter to mesdocs.ajax.php in azurWebEngine/eShop. By default, the query is executed as DBA.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Sita/AzurCMSdescription
- Range: <=1.2.3.12
Patches
Vulnerability mechanics
References
4- raw.githubusercontent.com/post-cyberlabs/CVE-Advisory/main/CVE-2021-27950.pdfnvdExploitThird Party Advisory
- www.sitasoftware.lunvdVendor Advisory
- www.sitasoftware.lu/azur/software/web.phpnvdProductVendor Advisory
- www.azurcms.comnvdProduct
News mentions
0No linked articles in our index yet.