9 matches found
SQL Injection in AdRotate
Advisory ID: HTB23201 Product: AdRotate Vendor: AJdG Solutions Vulnerable Versions: 3.9.4 and probably prior Tested Version: 3.9.4 Advisory Publication: January 30, 2014 without technical details Vendor Notification: January 30, 2014 Vendor Patch: January 31, 2014 Public Disclosure: February 20,...
WordPress AdRotate Plugin 'clicktracker.php' SQL Injection Vulnerability
WordPress AdRotate Plugin is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress Plugin AdRotate SQL Injection (CVE-2014-1854)
An SQL injection vulnerability has been reported in the AdRotate plugin for WordPress. Remote attacker can exploit this vulnerability to execute arbitrary SQL commands on the target...
CVE-2014-1854
CVE-2014-1854 affects WordPress AdRotate plugins (library/clicktracker.php) where the track parameter is unsafely handled, enabling SQL injection and remote execution of arbitrary SQL. Exploitation was demonstrated against AdRotate 3.9.4 (and likely earlier) with a crafted HTTP GET request; High ...
WordPress Plugin AdRotate 3.9.4 - clicktracker.ph?track SQL Injection
WordPress Plugin AdRotate 3.9.4 - clicktracker.ph?track SQL Injection Advisory ID: HTB23201 Product: AdRotate Vendor: AJdG Solutions Vulnerable Versions: 3.9.4 and probably prior Tested Version: 3.9.4 Advisory Publication: January 30, 2014 without technical details Vendor Notification: January 30...
WordPress Plugin AdRotate 3.9.4 - 'clicktracker.ph?track' SQL Injection
Advisory ID: HTB23201 Product: AdRotate Vendor: AJdG Solutions Vulnerable Versions: 3.9.4 and probably prior Tested Version: 3.9.4 Advisory Publication: January 30, 2014 without technical details Vendor Notification: January 30, 2014 Vendor Patch: January 31, 2014 Public Disclosure: February 20,...
AdRotate 3.9.4 SQL Injection
Advisory ID: HTB23201 Product: AdRotate Vendor: AJdG Solutions Vulnerable Versions: 3.9.4 and probably prior Tested Version: 3.9.4 Advisory Publication: January 30, 2014 without technical details Vendor Notification: January 30, 2014 Vendor Patch: January 31, 2014 Public Disclosure: February 20,...
AdRotate 3.9.4 SQL Injection Vulnerability
AdRotate version 3.9.4 suffers from a remote SQL injection vulnerability. Vendor: AJdG Solutions Vulnerable Versions: 3.9.4 and probably prior Tested Version: 3.9.4 Advisory Publication: January 30, 2014 without technical details Vendor Notification: January 30, 2014 Vendor Patch: January 31, 201...
SQL Injection in AdRotate
High-Tech Bridge Security Research Lab discovered vulnerability in AdRotate, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in AdRotate: CVE-2014-1854 The vulnerability exists due to insufficient validation of "track" HTTP GET parameter passed to...