SQL Injection in Bluecms_project Bluecms

CVE-2010-4897

SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action.

Vulnerability class: SQL Injection

EPSS: 0.011 (61.5th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References