4 matches found
Sql injection
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote attackers to execute arbitrary SQL command via the pass parameter...
CVE-2008-6272
Dragan Mitic Apoll web app (0.7 beta and 0.7.5) contains an SQL injection in admin/index.php. The vulnerability arises from insufficient input sanitization of the pass parameter, enabling remote attackers to manipulate SQL commands. Affected component: admin/index.php; vulnerable vector is user-s...
CVE-2008-6270
CVE-2008-6270 affects Dragan Mitic Apoll 0.7 beta and 0.7.5, via an SQL injection in admin/index.php where the user parameter is not sufficiently sanitized, allowing remote SQL commands. OpenVAS corroborates a SQLi vulnerability; exploitation status or patch details are not provided in the suppli...
CVE-2008-6270
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote attackers to execute arbitrary SQL command via the user parameter...