Описание
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) before 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php.
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) before 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-3857
- http://fereidani.com/articles/show/76_kerio_control_8_3_1_boolean_based_blind_sql_injection
- http://osvdb.org/show/osvdb/108584
- http://packetstormsecurity.com/files/127320/Kerio-Control-8.3.1-Blind-SQL-Injection.html
- http://secunia.com/advisories/59215
- http://www.exploit-db.com/exploits/33954
- http://www.kerio.com/support/kerio-control/release-history
- http://www.securityfocus.com/archive/1/532607/100/0/threaded
Связанные уязвимости
nvd
больше 11 лет назад
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) before 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php.