Sql injection

2007-11-1500:46:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.9%

JSON

SQL injection vulnerability in include/functions.php in BtiTracker before 1.4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CPENameOperatorVersion
btitrackerle1.4.4
btitrackereq1.4.1
btitrackereq1.3.2
btitrackereq1.4.3
btitrackereq1.4.2

Name	Operator	Version
btitracker	le	1.4.4
btitracker	eq	1.4.1
btitracker	eq	1.3.2
btitracker	eq	1.4.3
btitracker	eq	1.4.2

References

secunia.com/advisories/27550

sourceforge.net/forum/forum.php?forum_id=752472

sourceforge.net/project/shownotes.php?release_id=552477

www.securityfocus.com/bid/26551

exchange.xforce.ibmcloud.com/vulnerabilities/38415