3 matches found
CVE-2012-2952
SQL injection vulnerability in addons.php in Jaow 2.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the addons parameter...
Sql injection
SQL injection vulnerability in addons.php in Jaow 2.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the addons parameter...
CVE-2012-2952
Jaow 2.4.5 and earlier are affected by a SQL injection in add_ons.php via the add_ons parameter. The vulnerability is remote and allows arbitrary SQL execution. Root cause: unsafe handling/input validation in the add_ons parameter. Public advisories/exploits exist (e.g., exploit-db, Secunia, X-Fo...