4 matches found
[RT-SA-2014-005] SQL Injection in webEdition CMS File Browser Installer Script
Advisory: SQL Injection in webEdition CMS File Browser RedTeam Pentesting discovered an SQL injection vulnerability in the file browser component of webEdition CMS during a penetration test. Unauthenticated attackers can get read-only access on the SQL database used by webEdition and read for...
CVE-2014-2303
The CVE-2014-2303 issue affects webEdition CMS, specifically the file browser component we_fs.php. It describes SQL injection via the GET parameters table and order that can be exploited to execute arbitrary SQL, with unauthenticated attackers potentially reading the CMS’s database (including pas...
webEdition CMS 6.3.8.0 svn6985 SQL Injection
Advisory: SQL Injection in webEdition CMS File Browser RedTeam Pentesting discovered an SQL injection vulnerability in the file browser component of webEdition CMS during a penetration test. Unauthenticated attackers can get read-only access on the SQL database used by webEdition and read for...
CVE-2014-2303
creationtimestamp| type| source ---|---|--- 2014-05-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39206...