e-ticketing - SQL Injection

No description provided by source. 'e-ticketing' SQL Injection CVE-2012-1673 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in loginscript.php that allows for SQL injection of the 'username' and 'password' POST parameters. I...

CVE-2012-1673

The CVE-2012-1673 issue affects the e-ticketing product, specifically the loginscript.php component, where both the user_name and password POST parameters can be used to perform SQL injection. The root cause is improper handling of input that allows remote attackers to execute arbitrary SQL comma...

'e-ticketing' SQL Injection (CVE-2012-1673)

'e-ticketing' SQL Injection CVE-2012-1673 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in loginscript.php that allows for SQL injection of the 'username' and 'password' POST parameters. II. TESTED VERSION...

e-ticketing SQL Injection

'e-ticketing' SQL Injection CVE-2012-1673 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in loginscript.php that allows for SQL injection of the 'username' and 'password' POST parameters. II. TESTED VERSION...

e-ticketing - SQL Injection

e-ticketing - SQL Injection 'e-ticketing' SQL Injection CVE-2012-1673 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in loginscript.php that allows for SQL injection of the 'username' and 'password' POST parameters. II. TEST...