Release date:
Updated on:
Affected Systems:
Syndeocms SyndeoCMS <3.0.2
Unaffected system:
Syndeocms SyndeoCMS 3.0.2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 53854
SyndeoCMS is a primary-school content management system.
SyndeoCMS versions earlier than 3.0.01 have the SQL injection vulnerability. After successful exploitation, attackers can control applications, access or modify data.
<* Source: Secunia Research
Link: http://www.syndeocms.org/index.php? Section = 2 & page = 4 #25
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Syndeocms
---------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.syndeocms.org/index.php