Lucene search
Dsquare SecurityE-377HistoryMay 12, 2014 - 12:00 a.m.
Open Web Analytics Password Reset Page owa_email_address Parameter SQL Injection
2014-05-1200:00:00
Dsquare Security
28
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
76.1%
SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base.passwordResetRequest action to index.php.
Vulnerability Type: SQL Injection
For the exploit source code contact DSquare Security sales team.Related
nessus
nessus
Open Web Analytics owa_email_address SQL Injection
2014-05-27 00:00:00
securityvulns
securityvulns
[SWRX-2014-001] Open Web Analytics Pre-Auth SQL Injection
2014-05-05 00:00:00
cve
cve
CVE-2014-1206
2014-01-15 16:08:00
packetstorm
packetstorm
Open Web Analytics Pre-Auth SQL Injection
2014-02-17 00:00:00
openvas
openvas
Open Web Analytics < 1.5.5 SQLi Vulnerability - Active Check
2014-01-21 00:00:00
cvelist
cvelist
CVE-2014-1206
2014-01-15 16:00:00
checkpoint_advisories
checkpoint_advisories
Open Web Analytics SQL Injection (CVE-2014-1206)
2021-06-24 00:00:00
exploitpack
exploitpack
Open Web Analytics 1.5.4 - owa_email_address SQL Injection
2014-02-18 00:00:00
seebug
seebug
Open Web Analytics 'owa_email_address'参数SQL注入漏洞
2014-01-13 00:00:00
prion
prion
Sql injection
2014-01-15 16:08:00
zdt
zdt
Open Web Analytics 1.5.4 Pre-Auth SQL Injection Vulnerability
2014-02-18 00:00:00
exploitdb
exploitdb
Open Web Analytics 1.5.4 - 'owa_email_address' SQL Injection
2014-02-18 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
76.1%
Related for E-377