Silverstripe » Silverstripe : Security Vulnerabilities, CVEs, Published In 2009 (Sql injection)
SQL injection vulnerability in File::find (filesystem/File.php) in SilverStripe before 2.3.1 allows remote attackers to execute arbitrary SQL commands via the filename parameter.
Max CVSS
7.5
EPSS Score
0.23%
Published
2009-04-24
Updated
2009-04-27
SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField.
Max CVSS
7.5
EPSS Score
0.14%
Published
2009-04-27
Updated
2017-08-17
2 vulnerabilities found