2 matches found
CVE-2015-10086 OpenCycleCompass server-php login.php sql injection
A vulnerability, which was classified as critical, was found in OpenCycleCompass server-php. Affected is an unknown function of the file api1/login.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. This product is using a rolling...
CVE-2015-10086
The CVE-2015-10086 entry affects OpenCycleCompass server-php, specifically the api1/login.php function where manipulation of the user parameter enables a remote SQL injection. Affected component: server-php; vulnerability is due to unsafely handled user input in login logic. Impact stated as remo...