Vulnerabilities > Metalgenix > Genixcms > 1.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-21 | CVE-2017-5959 | Cross-Site Request Forgery (CSRF) vulnerability in Metalgenix Genixcms CSRF token bypass in GeniXCMS before 1.0.2 could result in escalation of privileges. | 9.8 |
| 2017-02-17 | CVE-2017-6065 | SQL Injection vulnerability in Metalgenix Genixcms SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter. | 8.8 |