4 matches found
ActiveKB 1.5 - Insecure Cookie HandlingArbitrary Admin Access
ActiveKB 1.5 - Insecure Cookie HandlingArbitrary Admin Access --==+================================================================================+==-- --==+ ActiveKB = 1.5 Insecure Cookie Handling/Arbitrary Admin Access +==--...
CVE-2007-5425
SQL injection vulnerability in admin/index.php in Interspire ActiveKB 1.5 allows remote attackers to execute arbitrary SQL commands via the questId parameter in a hideQuestion ToDo action. NOTE: the catId vector is already covered by CVE-2007-5131...
CVE-2007-5425
SQL injection vulnerability in admin/index.php in Interspire ActiveKB 1.5 allows remote attackers to execute arbitrary SQL commands via the questId parameter in a hideQuestion ToDo action. NOTE: the catId vector is already covered by CVE-2007-5131...
CVE-2007-5425
CVE-2007-5425 is a SQL injection vulnerability in Interspire ActiveKB 1.5, exploitable via the questId parameter in admin/index.php under a hideQuestion ToDo action. The issue affects ActiveKB 1.5 (and relates to CVE-2007-5131 for the catId vector). The provided documents do not specify a patch o...