Lucene search
K

6 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.45 views

Achievo <= 1.3.4 - SQL Injection

No description provided by source. Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL:...

7.5CVSS6.5AI score0.01256EPSS
Exploits7
CVE
CVE
added 2009/10/16 4:0 p.m.53 views

CVE-2009-2734

Achievo (before 1.4.0) is affected by a SQL injection in the dispatch.php path via the get_employee function. The vulnerability stems from the get_employee($user_id) code building a SQL query with the user-provided userid/user_id without proper sanitization: SELECT * FROM person WHERE status='act...

7.5CVSS8.1AI score0.01256EPSS
Exploits7References7Affected Software1
securityvulns
securityvulns
added 2009/10/14 12:0 a.m.57 views

[BONSAI] SQL Injection in Achievo

Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/achievo-sql-injection-0102.txt Date published:...

7.5CVSS7.4AI score0.01256EPSS
Exploits7
0day.today
0day.today
added 2009/10/14 12:0 a.m.46 views

Achievo <= 1.3.4 SQL Injection

Exploit for unknown platform in category web applications ============================== Achievo = 1.3.4 SQL Injection ============================== 1. Vulnerability Information Class: SQL Injection Remotely Exploitable: Yes Locally Exploitable: Yes CVE Name: CVE-2009-2734 2. Software Descriptio...

7.1AI score0.01256EPSS
Exploits7
Packet Storm
Packet Storm
added 2009/10/14 12:0 a.m.51 views

Achievo SQL Injection

Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/achievo-sql-injection-0102.txt Date published:...

7.5CVSS0.6AI score0.01256EPSS
Exploits7
Exploit DB
Exploit DB
added 2009/10/14 12:0 a.m.41 views

Achievo 1.3.4 - SQL Injection

Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/achievo-sql-injection-0102.txt Date published:...

7.5CVSS6.5AI score0.01256EPSS
Exploits7
Rows per page
Query Builder