4 matches found
CVE-2014-7871
The CVE-2014-7871 issue affects Open-Xchange App Suite (OX App Suite) via the jslob API, enabling SQL injection through MySQL XPath interpreter (ExtractValue). Vulnerable in 7.6.x before 7.6.0-rev23 and 7.4.2-rev36; fixed versions are 7.4.2-rev36 and 7.6.0-rev23. Impact involves potential arbitra...
OX App Suite 7.6.0 SQL Injection Vulnerability
OX App Suite versions 7.6.0 and below suffer from a remote SQL injection vulnerability. Product: OX App Suite Vendor: Open-Xchange GmbH Internal reference: 34765 Bug ID Vulnerability type: SQL Injection CWE-89 Vulnerable version: 7.6.0 and earlier Vulnerable component: backend Report confidence:...
Open-Xchange Security Advisory 2014-11-07
Product: OX App Suite Vendor: Open-Xchange GmbH Internal reference: 34765 Bug ID Vulnerability type: SQL Injection CWE-89 Vulnerable version: 7.6.0 and earlier Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Researcher credits: SoftScheck GmbH Fixed...
OX App Suite 7.6.0 SQL Injection
Product: OX App Suite Vendor: Open-Xchange GmbH Internal reference: 34765 Bug ID Vulnerability type: SQL Injection CWE-89 Vulnerable version: 7.6.0 and earlier Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Researcher credits: SoftScheck GmbH Fixed...