Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php.
Software | From | Fixed in |
---|---|---|
tagworx / tagworx_cms | 3.00.02 | 3.00.02.x |