← Back to CVE List

CVE-2021-28999

Published: 2023-05-08T14:15Z
Last Modified: 2025-01-29T17:15Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
SQL Injection vulnerability in CMS Made Simple through 2.2.15 allows remote attackers to execute arbitrary commands via the m1_sortby parameter to modules/News/function.admin_articlestab.php. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt