CVE-2015-7569

Name: CVE-2015-7569
Creator: NVD / NIST
Published: 2017-04-24T18:59:00.32+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.79%

Last modified Jun 17, 2026

CVE-2015-7569 is a vulnerability of currently unknown severity. SQL injection vulnerability in "yeager/y.php/tab_USERLIST" in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the "pagedir_orderby" parameter.. EPSS estimates a 2.79% chance of exploitation in the next 30 days.

Description

SQL injection vulnerability in "yeager/y.php/tab_USERLIST" in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the "pagedir_orderby" parameter.

Metrics

EPSS Probability

2.79%

84.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-89

Affected Software

Vendor	Product	Versions
Yeager	Yeager Cms	1.2.1

References

http://packetstormsecurity.com/files/135716/Yeager-CMS-1.2.1-File-Upload-SQL-Injection-XSS-SSRF.htmlExploit, Patch, Third Party Advisory, VDB Entry
http://seclists.org/fulldisclosure/2016/Feb/44Mailing List, Patch, Third Party Advisory
http://www.securityfocus.com/archive/1/537493/100/0/threadedExploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/39436/Exploit, Patch, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/135716/Yeager-CMS-1.2.1-File-Upload-SQL-Injection-XSS-SSRF.htmlExploit, Patch, Third Party Advisory, VDB Entry
http://seclists.org/fulldisclosure/2016/Feb/44Mailing List, Patch, Third Party Advisory
http://www.securityfocus.com/archive/1/537493/100/0/threadedExploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/39436/Exploit, Patch, Third Party Advisory, VDB Entry

Timeline

Published: Apr 24, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2015-7569?

SQL injection vulnerability in "yeager/y.php/tab_USERLIST" in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the "pagedir_orderby" parameter.

How severe is CVE-2015-7569?

Severity scoring for CVE-2015-7569 is pending analysis. The EPSS model estimates a 2.79% probability of exploitation in the next 30 days.

How do I fix CVE-2015-7569?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2015-7569?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST