6 matches found
CVE-2010-3267
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the quid parameter to bugs.aspx, 2 the rowid parameter to deletequery.aspx, the 3 newproject or 4 usid parameter to editbug.aspx, or 5 the buglist paramet...
CVE-2010-3267
BugTracker.NET is affected by CVE-2010-3267: multiple SQL injection vulnerabilities in BugTracker.NET before version 3.4.5. The issues allow remote authenticated users to manipulate SQL via parameters in bugs.aspx (qu_id), delete_query.aspx (row_id), edit_bug.aspx (new_project, us_id), or massedi...
CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net
Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Multiple vulnerabilities in BugTracker.Net 1. Advisory Information Title: Multiple vulnerabilities in BugTracker.Net Advisory Id: CORE-2010-1109 Advisory URL:...
Core Security Technologies Advisory 2010.1109
Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Multiple vulnerabilities in BugTracker.Net 1. Advisory Information Title: Multiple vulnerabilities in BugTracker.Net Advisory Id: CORE-2010-1109 Advisory URL:...
BugTracker.NET 3.4.4 - Multiple Vulnerabilities
Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Multiple vulnerabilities in BugTracker.Net 1. Advisory Information Title: Multiple vulnerabilities in BugTracker.Net Advisory Id: CORE-2010-1109 Advisory URL:...
BugTracker.NET 3.4.4 - Multiple Vulnerabilities
BugTracker.NET 3.4.4 - Multiple Vulnerabilities Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Multiple vulnerabilities in BugTracker.Net 1. Advisory Information Title: Multiple vulnerabilities in BugTracker.Net Advisory Id: CORE-2010-1109 Advisory URL:...