4 matches found
PHP Inventory 1.3.1 Remote (Auth Bypass) SQL Injection Vulnerability
Advisory: PHP Inventory 1.3.1 Remote Auth Bypass SQL Injection Vulnerability Advisory ID: INFOSERVE-ADV2011-08 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on PHP Inventory 1.3.1 Vendor URL: http://www.phpwares.com/ Vendor Status: fixed CVE-ID:...
PHP Inventory 1.3.1 SQL Injection
Advisory: PHP Inventory 1.3.1 Remote Auth Bypass SQL Injection Vulnerability Advisory ID: INFOSERVE-ADV2011-08 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on PHP Inventory 1.3.1 Vendor URL: http://www.phpwares.com/ Vendor Status: fixed CVE-ID:...
CVE-2009-4597
The CVE-2009-4597 entry covers SQL injection flaws in PHP Inventory (notably versions around 1.2/1.3.x) in index.php. The vulnerabilities allow SQL commands to be injected through user_id in a user details action, and through user/password fields, enabling unauthorized data access via poorly sani...
CVE-2009-4597
creationtimestamp| type| source ---|---|--- 2009-12-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/10370...