2 matches found
CVE-2015-6538
CVE-2015-6538 affects Epiphany Cardio Server login page: improper handling of authentication requests enables an LDAP injection via a crafted URL, bypassing access controls. Impacted versions are 3.3, 4.0, and 4.1, potentially allowing unauthenticated attackers to bypass authentication and access...
Epiphany Cardio Server is vulnerable to SQL and LDAP injection
Overview The Epiphany Cardio Server is vulnerable to SQL injection and LDAP injection, allowing an unauthenticated attacker to gain administrator rights. Description Epiphany Cardio Server was reported as being vulnerable to the following issues:CWE-89: Improper Neutralization of Special Elements...