4 matches found
Blind SQL Injection Vulnerability in KnowledgeTree <= 3.7.0.2
Product description: ============ KnowledgeTree is document management system that makes it easy to secure, share, track and manage the documents and records. ============ KnowledgeTree Blind SQL Injection CVE-2014-2737 ============ The application is vulnerable to blind SQL injection which is...
KnowledgeTree Blind SQL Injection Vulnerability
KnowledgeTree suffers from a remote blind SQL injection vulnerability. Product description: ============ KnowledgeTree is document management system that makes it easy to secure, share, track and manage the documents and records. ============ KnowledgeTree Blind SQL Injection CVE-2014-2737...
CVE-2014-2737
SQL injection vulnerability in the getactivesession function in the KTAPIUserSession class in webservice/clienttools/services/mdownload.php in KnowledgeTree 3.7.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the u parameter, related to the getFileName function...
CVE-2014-2737
KnowledgeTree 3.7.0.2 and earlier is affected by a blind SQL injection in webservice/clienttools/services/mdownload.php. The vulnerability stems from an unparameterized query in KTAPI_UserSession.get_active_session, where an unvalidated u parameter is used in getFileName, allowing remote attacker...