4 matches found
CVE-2014-1854
SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter...
Sql injection
SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter...
CVE-2014-1854
SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter...
CVE-2014-1854
CVE-2014-1854 affects WordPress AdRotate plugins (library/clicktracker.php) where the track parameter is unsafely handled, enabling SQL injection and remote execution of arbitrary SQL. Exploitation was demonstrated against AdRotate 3.9.4 (and likely earlier) with a crafted HTTP GET request; High ...