Описание
SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php.
SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-4927
- https://exchange.xforce.ibmcloud.com/vulnerabilities/73395
- http://freecode.com/projects/limesurvey/releases/342070
- http://osvdb.org/79459
- http://packetstormsecurity.org/files/110100/limesurvey-sql.txt
- http://secunia.com/advisories/48051
- http://www.exploit-db.com/exploits/18508
- http://www.limesurvey.org/en/stable-release
- http://www.securityfocus.com/bid/52114
Связанные уязвимости
nvd
больше 13 лет назад
SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php.
debian
больше 13 лет назад
SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1 ...