
5 matches found

WPVulnDB
added 2014/08/01 10:58 a.m., 30 views

AdRotate <= 3.9.4 - clicktracker.php track Parameter SQL Injection

The AdRotate – Ad manager & AdSense Ads WordPress plugin was affected by a clicktracker.php track Parameter SQL Injection security vulnerability...

7.5 CVSS | 2.9 AI score | 0.0992 EPSS
Exploits 7 | References 2 | Affected Software 1
seebug.org
added 2014/07/01 12:0 a.m., 16 views

Wordpress AdRotate Plugin 3.9.4 - (clicktracker.php, track param) - SQL Injection

No description provided by source...

7.1 AI score
Exploits 0
Dsquare
added 2014/03/04 12:0 a.m., 60 views

AdRotate library/clicktracker.php track Parameter SQL Injection

AdRotate contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the library/clicktracker.php script not properly sanitizing user-supplied input to the 'track' parameter. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database,...

7.5 CVSS | 1.6 AI score | 0.0992 EPSS
Exploits 7 | References 2
seebug.org
added 2014/02/24 12:0 a.m., 37 views

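WordPress AdRotate Plugin 'clicktracker.php' SQL Injection Vulnerability

BUGTRAQ ID: 65709 CVECAN ID: CVE-2014-1854 AdRotate is a website advertisement management plugin. AdRotate 3.9.4 and other versions do not properly validate the value of the "track" HTTP GET parameter of the "/wp-content/plugins/adrotate/library/clicktracker.php" script; an unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL commands in the application's database. 0 WordPress AdRotate 3.9.4 Vendor patch: WordPress --------- The vendor has released an upgrade patch that fixes this security issue; please download it from the vendor's homepage:...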

7.5 CVSS | 0.0992 EPSS
Exploits 7
htbridge
added 2014/01/30 12:0 a.m., 137 views

SQL Injection in AdRotate

High-Tech Bridge Security Research Lab discovered a vulnerability in AdRotate, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in AdRotate: CVE-2014-1854 The vulnerability exists due to insufficient validation of the "track" HTTP GET parameter passed to...

7.5 CVSS | 1.5 AI score | 0.0992 EPSS
Exploits 7 | Affected Software 1