VYPR

Geocore Max

by Geodesicsolutions

CVEs (1)

  • CVE-2014-3871May 27, 2014
    risk 0.03cvss epss 0.03

    Multiple SQL injection vulnerabilities in register.php in Geodesic Solutions GeoCore MAX 7.3.3 (formerly GeoClassifieds and GeoAuctions) allow remote attackers to execute arbitrary SQL commands via the (1) c[password] or (2) c[username] parameter. NOTE: the b parameter to…