Multiple CMS Vulnerabilities Discovered By IEDB

Security team Iranian Exploit Database – IEDB – and team IrIsT has discovered multiple vulnerabilities in CMS software by NeginGroup and rasanehpardaz.

NeginGroup CMS has vulnerability of SQL injection and cross-site scripting – XSS.

Rasanehpardaz CMS has vulnerability of only cross-site scripting.

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution. Cross-site scripting is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users.

Leave a Reply

Your email address will not be published. Required fields are marked *