Lucene search
K

4 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

mod_accounting Module 0.5 - Blind SQL Injection

No description provided by source. - Affected Vendor: http://sourceforge.net/projects/mod-acct/files/ - Affected Software: modaccounting - Affected Version: 0.5. Other earlier versions may be affected. - Issue type: Blind SQL injection - Release Date: 20 Sep 2013 - Discovered by: Eldar Wireghoul...

7.5CVSS6.5AI score0.01266EPSS
Exploits7
seebug.org
seebug.org
added 2013/10/09 12:0 a.m.26 views

Apache 'mod_accounting'模块SQL注入漏洞(CVE-2013-5697)

BUGTRAQ ID: 62677 CVE ID: CVE-2013-5697 modaccounting是Apache 1.3.x上的流量计费模块,该模块使用数据记录流量,支持的数据库类型包括MySQL及PostgreSQL。 modaccounting 0.5模块在Host报文头中存在SQL注入漏洞,攻击者可利用此漏洞破坏应用,执行未授权数据库操作。该漏洞源于用户提供的HTTP报文头未经过滤即用在查询内。该模块使用了简单的字符串串联来修改已定义查询内的占位符,然后再发送到数据库内。该代码位于modaccounting.c内。 0 modaccounting 0.5 临时解决方法:...

7.5CVSS6.5AI score0.01266EPSS
Exploits7
Cvelist
Cvelist
added 2013/09/30 9:0 p.m.17 views

CVE-2013-5697

SQL injection vulnerability in modaccounting.c in the modaccounting module 0.5 and earlier for Apache allows remote attackers to execute arbitrary SQL commands via a Host header...

8.2AI score0.01266EPSS
Exploits7References2
Packet Storm
Packet Storm
added 2013/09/26 12:0 a.m.32 views

mod_accounting 0.5 Blind SQL Injection

Affected Vendor: http://sourceforge.net/projects/mod-acct/files/ - Affected Software: modaccounting - Affected Version: 0.5. Other earlier versions may be affected. - Issue type: Blind SQL injection - Release Date: 20 Sep 2013 - Discovered by: Eldar "Wireghoul" Marcussen - CVE Identifier:...

7.5CVSS0.2AI score0.01266EPSS
Exploits7
Rows per page
Query Builder