3 matches found
CVE-2013-6164
CVE-2013-6164 affects Project'Or RIA 3.4.0. A SQL Injection in view/objectDetail.php via the objectId parameter (Affectations) allows remote attackers to inject arbitrary SQL commands, potentially accessing the database and file system. The ISecAuditors advisory provides PoC-style payloads (e.g.,...
ProjectOr RIA 3.4.0 - objectDetail.php?objectId SQL Injection
ProjectOr RIA 3.4.0 - objectDetail.php?objectId SQL Injection ============================================= INTERNET SECURITY AUDITORS ALERT 2013-017 - Original release date: July 26th, 2013 - Last revised: July 26th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 6.8/10 CVSSv2 Base Scor...
Project'Or RIA 3.4.0 - 'objectDetail.php?objectId' SQL Injection
============================================= INTERNET SECURITY AUDITORS ALERT 2013-017 - Original release date: July 26th, 2013 - Last revised: July 26th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 6.8/10 CVSSv2 Base Scored - CVE-ID: CVE-2013-6164...