3 matches found
CVE-2015-6537
The CVE-2015-6537 issue affects Epiphany Cardio Server 3.3, where an SQL injection in the login page URL allows an unauthenticated attacker to execute SQL commands that can lead to administrator access. CERT/ENISA documentation indicates the vulnerability enables login as an administrator and aff...
CVE-2015-6537
SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote attackers to execute arbitrary SQL commands via a crafted URL...
Epiphany Cardio Server is vulnerable to SQL and LDAP injection
Overview The Epiphany Cardio Server is vulnerable to SQL injection and LDAP injection, allowing an unauthenticated attacker to gain administrator rights. Description Epiphany Cardio Server was reported as being vulnerable to the following issues:CWE-89: Improper Neutralization of Special Elements...