EUVD-2006-3815

Malware in sbrugna...

ACollab SQL injection vulnerability

Overview ACollab is open source web-based groupware and is also available as an add-on for e-learning content management system ATutor. ACollab contains a SQL injection vulnerability. Impact A remote attacker could modify the database contents or steal data. An attacker could also bypass...

CVE-2006-3662

SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter. NOTE: this issue has been disputed by the vendor, who states "The mentioned SQL injection vulnerability is not possible." However, the relevant source code...

CVE-2006-3662

SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter. NOTE: this issue has been disputed by the vendor, who states "The mentioned SQL injection vulnerability is not possible." However, the relevant source code...

CVE-2006-3662

ATutor 1.5.3 contains a SQL injection in index.php via the fid parameter that could allow remote execution of arbitrary SQL commands. The vendor disputes the vulnerability, but source code analysis suggests it may be legitimate; the parameter is cleansed in version 1.5.3.1. Affected version: ATut...

JVN#73705637 ACollab SQL injection vulnerability

Impact A remote attacker could modify the database contents or steal data. An attacker could also bypass authentication and impersonate a user. Solution Products Affected ACollab 1.2 and earlier Development and maintenance of ACollab finished with version 1.2 as of July 6, 2006. However ATutor...