58 matches found
articleFR CMS 3.0.5 SQL Injection
Vulnerability title: SQL injection vulnerability in articleFR CMS 3.0.5 Product: articleFR Vendor: http://freereprintables.com Affected version: version 3.0.5 Download link: https://github.com/articlefr/articleFR Fixed version: N/A Google dork: N/A Author: Tran Dinh Tien [email protected] & ITA...
Improper Access Control in ArticleFR
Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014 Public Disclosure: July 30, 2014 Vulnerability Type:...
SQL Injection Vulnerability in ArticleFR
Advisory ID: HTB23225 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 3.0.4 and probably prior Tested Version: 3.0.4 Advisory Publication: July 23, 2014 without technical details Vendor Notification: July 23, 2014 Public Disclosure: August 20, 2014 Vulnerability Type: SQL...
ArticleFR CMS 'id' Parameter SQL Injection Vulnerability
ArticleFR CMS is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-5097
Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a 1 get or 2 set action to rate.php...
CVE-2014-5097
Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a 1 get or 2 set action to rate.php...
CVE-2014-5097
CVE-2014-5097 describes SQL injection in ArticleFR CMS (Free Reprintables) versions 3.0.4 and earlier. The vulnerability arises from insufficient sanitization of the HTTP GET parameter “id” passed to /rate.php when act is either “get” or “set,” allowing remote attackers to execute arbitrary SQL c...
ArticleFR - id SQL Injection
ArticleFR - id SQL Injection source: https://www.securityfocus.com/bid/69307/info ArticleFR is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the...
ArticleFR 3.0.4 SQL Injection Vulnerability
ArticleFR version 3.0.4 suffers from a remote SQL injection vulnerability. Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 3.0.4 and probably prior Tested Version: 3.0.4 Advisory Publication: July 23, 2014 without technical details Vendor Notification: July 23, 2014 Public...
ArticleFR 3.0.4 SQL Injection
Advisory ID: HTB23225 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 3.0.4 and probably prior Tested Version: 3.0.4 Advisory Publication: July 23, 2014 without technical details Vendor Notification: July 23, 2014 Public Disclosure: August 20, 2014 Vulnerability Type: SQL...
ArticleFR - 'id' SQL Injection
source: https://www.securityfocus.com/bid/69307/info ArticleFR is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, ...
ArticleFR 11.06.2014 (data.php) - Privilege Escalation
No description provided by source. Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014 Public Disclosure:...
ArticleFR 11.06.2014 (data.php) - Privilege Escalation
Exploit for php platform in category web applications Advisory Details: High-Tech Bridge Security Research Lab discovered vulnerability in ArticleFR, which can be exploited to execute arbitrary UPDATE SQL statements, alter information stored in database and gain complete control over the web site...
ArticleFR 11.06.2014 - data.php Privilege Escalation
ArticleFR 11.06.2014 - data.php Privilege Escalation Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014...
ArticleFR 11.06.2014 - 'data.php' Privilege Escalation
Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014 Public Disclosure: July 30, 2014 Vulnerability Type:...
Free Reprintables ArticleFR 11.06.2014 Improper Access Control
Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014 Public Disclosure: July 30, 2014 Vulnerability Type:...
SQL Injection Vulnerability in ArticleFR
High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in ArticleFR, which can be exploited to perform SQL Injection attacks and gain complete control over vulnerable website. 1 SQL Injection in ArticleFR: CVE-2014-5097 The vulnerability exists due to insufficient...
Improper Access Control in ArticleFR
High-Tech Bridge Security Research Lab discovered vulnerability in ArticleFR, which can be exploited to execute arbitrary UPDATE SQL statements, alter information stored in database and gain complete control over the web site. 1 Improper Access Control in ArticleFR: CVE-2014-4170 The vulnerabilit...