5 matches found
CVE-2013-2594
The CVE-2013-2594 issue is a SQL injection in Hornbill Supportworks ITSM, affecting the reports/calldiary.php endpoint. Exploitation via the callref parameter could allow remote attackers to inject arbitrary SQL and, per multiple sources, may lead to full control of the host (e.g., writing a webs...
Hornbill Supportworks ITSM 1.0.0 - SQL Injection Vulnerability
SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application CVE number: CVE-2013-2594 Impact: High Vendor homepage: http://www.hornbill.com Vendor notified: 19/11/2012 Vendor response: This...
Hornbill Supportworks ITSM 1.0.0 - SQL Injection
Hornbill Supportworks ITSM 1.0.0 - SQL Injection Summary SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application CVE number: CVE-2013-2594 Impact: High Vendor homepage: http://www.hornbill.com Vendor notified: 19/11/2012 Vendor response: This issue has reportedly been...
Hornbill Supportworks ITSM 1.0.0 - SQL Injection
Summary SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application CVE number: CVE-2013-2594 Impact: High Vendor homepage: http://www.hornbill.com Vendor notified: 19/11/2012 Vendor response: This issue has reportedly been fixed but the vendor refused to give version...
Hornbill Supportworks ITSM 1.0.0 SQL Injection
Summary SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application CVE number: CVE-2013-2594 Impact: High Vendor homepage: http://www.hornbill.com Vendor notified: 19/11/2012 Vendor response: This issue has reportedly been fixed but the vendor refused to give version...