Security Advisory
CVE-2015-6944
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to hijack the authentication of users for requests that execute arbitrary SQL commands via the cmd parameter to sys/sys/listaBD2.jsp.