Lucene search
K

6 matches found

securityvulns
securityvulns
added 2013/09/09 12:0 a.m.61 views

SQL Injection in Cotonti

Advisory ID: HTB23164 Product: Cotonti Vendor: Cotonti Team Vulnerable Versions: 0.9.13 and probably prior Tested Version: 0.9.13 Vendor Notification: July 10, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2013-4789...

7.5CVSS0.4AI score0.02624EPSS
Exploits5
CVE
CVE
added 2013/08/09 9:0 p.m.53 views

CVE-2013-4789

CVE-2013-4789 is a SQL injection vulnerability in Cotonti where the param c is unsafely handled in index.php when e=rss, allowing remote attackers to execute arbitrary SQL commands. Affected: Cotonti releases before 0.9.14. Root cause: inadequate filtration/validation of the GET parameter, enabli...

7.5CVSS8.4AI score0.02624EPSS
Exploits5References7Affected Software1
0day.today
0day.today
added 2013/08/03 12:0 a.m.47 views

Cotonti 0.9.13 - SQL Injection Vulnerability

Exploit for php platform in category web applications Product: Cotonti Vendor: Cotonti Team Vulnerable Versions: 0.9.13 and probably prior Tested Version: 0.9.13 Vendor Notification: July 10, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: SQL Injection CWE-8...

7.5CVSS6.5AI score0.02624EPSS
Exploits5
Exploit DB
Exploit DB
added 2013/08/02 12:0 a.m.43 views

Cotonti 0.9.13 - SQL Injection

Advisory ID: HTB23164 Product: Cotonti Vendor: Cotonti Team Vulnerable Versions: 0.9.13 and probably prior Tested Version: 0.9.13 Vendor Notification: July 10, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2013-4789...

7.5CVSS7AI score0.02624EPSS
Exploits5
exploitpack
exploitpack
added 2013/08/02 12:0 a.m.46 views

Cotonti 0.9.13 - SQL Injection

Cotonti 0.9.13 - SQL Injection Advisory ID: HTB23164 Product: Cotonti Vendor: Cotonti Team Vulnerable Versions: 0.9.13 and probably prior Tested Version: 0.9.13 Vendor Notification: July 10, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: SQL Injection CWE-89...

7.5CVSS0.02624EPSS
Exploits5
Packet Storm
Packet Storm
added 2013/08/01 12:0 a.m.55 views

Cotonti 0.9.13 SQL Injection

Advisory ID: HTB23164 Product: Cotonti Vendor: Cotonti Team Vulnerable Versions: 0.9.13 and probably prior Tested Version: 0.9.13 Vendor Notification: July 10, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2013-4789...

7.5CVSS0.02624EPSS
Exploits5
Rows per page
Query Builder