EUVD-2006-1920

Malware in sbrugna...

CVE-2006-1920

SQL injection vulnerability in index.php in PMTool 1.2.2 allows remote attackers to execute arbitrary SQL commands via the order parameter in the include files 1 user.inc.php, 2 customer.inc.php, and 3 project.inc.php. NOTE: the provenance of this information is unknown; the details are obtained...

Sql injection

SQL injection vulnerability in index.php in PMTool 1.2.2 allows remote attackers to execute arbitrary SQL commands via the order parameter in the include files 1 user.inc.php, 2 customer.inc.php, and 3 project.inc.php. NOTE: the provenance of this information is unknown; the details are obtained...

CVE-2006-1920

SQL injection vulnerability in index.php in PMTool 1.2.2 allows remote attackers to execute arbitrary SQL commands via the order parameter in the include files 1 user.inc.php, 2 customer.inc.php, and 3 project.inc.php. NOTE: the provenance of this information is unknown; the details are obtained...

CVE-2006-1920

The CVE-2006-1920 issue affects PMTool 1.2.2 and is a SQL injection vulnerability in index.php, exploitable via the order parameter within the included files (user.inc.php, customer.inc.php, and project.inc.php). The root cause is a failure to properly sanitize the order parameter leading to arbi...

[SA19685] PMTool "order" SQL Injection Vulnerabilities

TITLE: PMTool "order" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA19685 VERIFY ADVISORY: http://secunia.com/advisories/19685/ CRITICAL: Less critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: PMTool 1.x http://secunia.com/product/9419/ DESCRIPTION: Pratiksha Doshi has...