CVE-2014-2211

Publication date

2014-03-03 16:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in portal/addtoapplication.php in POSH (aka Posh portal or Portaneo) 3.0 before 3.3.0 allows remote attackers to execute arbitrary SQL commands via the rssurl parameter.