Описание
SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier allows remote authenticated users to execute arbitrary SQL commands via the search parameter to ajax/ajax_search.php.
SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier allows remote authenticated users to execute arbitrary SQL commands via the search parameter to ajax/ajax_search.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-6516
- https://www.exploit-db.com/exploits/37610
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-031.txt
- http://packetstormsecurity.com/files/132672/sysPass-1.0.9-SQL-Injection.html
- http://www.securityfocus.com/archive/1/535989/100/0/threaded
Связанные уязвимости
nvd
больше 10 лет назад
SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier allows remote authenticated users to execute arbitrary SQL commands via the search parameter to ajax/ajax_search.php.