3 matches found
CVE-2014-4873
SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data...
CVE-2014-4873
CVE-2014-4873 affects BMC Track-It! 11.3.0.355. The vulnerability is an SQL injection in TrackItWeb/Grid/GetData that allows a remote authenticated user to execute arbitrary SQL commands via crafted POST data. Multiple sources corroborate the issue and indicate hotfixes are available from the ven...
BMC Track-It! contains multiple vulnerabilities
Overview BMC Track-It! version 11.3.0.355 contains multiple vulnerabilities Description CWE-306: Missing Authentication for Critical Function -CVE-2014-4872 BMC Track-It! exposes several dangerous remote .NET services on port 9010 without authentication. .NET remoting allows a user to invoke...