Sql injection

2009-01-2718:30:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.1%

JSON

SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password.

CPENameOperatorVersion
keep_toolkiteq2.1
keep_toolkitle2.5

CPE	Name	Operator	Version
	keep_toolkit	eq	2.1
	keep_toolkit	le	2.5

References

keeptoolkit.svn.sourceforge.net/viewvc/keeptoolkit?view=rev&revision=56

osvdb.org/51623

secunia.com/advisories/33652

sourceforge.net/project/shownotes.php?release_id=655845&group_id=227492

www.securityfocus.com/bid/33425