CVE-2017-20246 | Missilesilo KittyCatfish 2.2 on WordPress GET Parameter base.css.php kc_ad sql injection (Exploit 41919)

A vulnerability identified as critical has been detected in Missilesilo KittyCatfish 2.2 on WordPress. Affected is an unknown function of the file base.css.php of the component GET Parameter Handler. This manipulation of the argument kc_ad causes sql injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is handled as CVE-2017-20246. The attack can be initiated remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More