Описание
SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action.
SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-3374
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44054
- https://www.exploit-db.com/exploits/6159
- http://secunia.com/advisories/31260
- http://svn.gregarius.net/trac/changeset/1788/trunk/gregarius/ajax.php
- http://www.gulftech.org/?node=research&article_id=00119-07302008
- http://www.securityfocus.com/archive/1/494866/100/0/threaded
- http://www.securityfocus.com/bid/30423
Связанные уязвимости
nvd
больше 17 лет назад
SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action.