2 matches found
AdaptWeb Web Application SCADA SQL Injection (CVE-2009-2152)
An SQL Injection vulnerability has been reported in AdaptWeb 0.9.2. The vulnerability is due to improper validation of the CodigoDisciplina parameter passed to the application. A remote unauthenticated attacker could exploit this vulnerability by sending a request with a crafted CodigoDisciplina...
CVE-2009-2152
CVE-2009-2152 affects AdaptWeb 0.9.2 via a vulnerability in A index.php (component: a_index.php) where the CodigoDisciplina parameter in the TopicosCadastro1 action allows remote attackers to execute arbitrary SQL commands. This is a SQL injection in the web application’s input handling. The prov...