cpe:/a:johannes_ekberg:xray_cms:1.1.1 CVE-2012-1026 2012-02-07T19:55:02.627-05:00 2017-08-28T21:31:09.883-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2012-02-08T13:49:00.000-05:00 EXPLOIT-DB 18467 BUGTRAQ 20120212 sqlinjection bug in nova cms BID 51870 MISC http://sourceforge.net/tracker/?func=detail&aid=3488241&group_id=298778&atid=1260461 XF xraycms-login2-sql-injection(73000) Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.