5 matches found
CVE-2010-4298
The CVE-2010-4298 issue affects the Free Simple Software 1.0 download module, where the SQL injection flaw can be triggered via the downloads_id parameter in a download_now action to index.php. The connected Seebug entry provides a PoC exploit demonstrating how a UNION SELECT can extract sensitiv...
'Free Simple Software' SQL Injection Vulnerability (CVE-2010-4298)
'Free Simple Software' SQL Injection Vulnerability CVE-2010-4298 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Free Simple Software' download module which allows for a 'UNION SELECT' to easily expose the application...
Free Simple Software - SQL Injection
'Free Simple Software' SQL Injection Vulnerability CVE-2010-4298 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Free Simple Software' download module which allows for a 'UNION SELECT' to easily expose the application...
Free Simple Software - SQL Injection
Free Simple Software - SQL Injection 'Free Simple Software' SQL Injection Vulnerability CVE-2010-4298 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Free Simple Software' download module which allows for a 'UNION...
Free Simple Software SQL Injection
'Free Simple Software' SQL Injection Vulnerability CVE-2010-4298 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Free Simple Software' download module which allows for a 'UNION SELECT' to easily expose the application...