5 matches found
CVE-2012-5243
Banana Dance B.2.6 and earlier are affected by CVE-2012-5243 (Improper Access Control). An unauthenticated remote attacker can read arbitrary data from the database via /functions/suggest.php, enabling reading of sensitive information (bd_users table per PoC). The issue is part of a set of vulner...
banana dance b.2.6 - Multiple Vulnerabilities
banana dance b.2.6 - Multiple Vulnerabilities Advisory ID: HTB23118 Product: Banana Dance Vendor: bananadance.org Vulnerable Versions: B.2.6 and probably prior Tested Version: B.2.6 Vendor Notification: October 3, 2012 Public Disclosure: December 19, 2012 Vulnerability Type: PHP File Inclusion...
banana dance b.2.6 - Multiple Vulnerabilities
Advisory ID: HTB23118 Product: Banana Dance Vendor: bananadance.org Vulnerable Versions: B.2.6 and probably prior Tested Version: B.2.6 Vendor Notification: October 3, 2012 Public Disclosure: December 19, 2012 Vulnerability Type: PHP File Inclusion CWE-98, Improper Access Control CWE-284, SQL...
Banana Dance B.2.6 Inclusion / Access Control / SQL Injection
Advisory ID: HTB23118 Product: Banana Dance Vendor: bananadance.org Vulnerable Versions: B.2.6 and probably prior Tested Version: B.2.6 Vendor Notification: October 3, 2012 Public Disclosure: December 19, 2012 Vulnerability Type: PHP File Inclusion CWE-98, Improper Access Control CWE-284, SQL...
Banana Dance B.2.6 Inclusion / Access Control / SQL Injection
Banana Dance version B.2.6 suffers from local file inclusion, remote SQL injection, and improper access control vulnerabilities. Product: Banana Dance Vendor: bananadance.org Vulnerable Versions: B.2.6 and probably prior Tested Version: B.2.6 Vendor Notification: October 3, 2012 Public Disclosure...