SynConnect PMS (index.php, loginid param) - SQL Injection Vulnerability

No description provided by source. Title: ==== SynConnect - SQL Injection vulnerability Credit: ====== Name: Bhadresh Patel Company/affiliation: Cyberoam Technologies Private Limited Website: www.cyberoam.com CVE: ===== Date: ==== 01-03-2013 CRD: ==== CRD-2013-01 Vendor: ====== Synchroweb...

SynConnect 2.0 the presence of SQL injection vulnerabilities-vulnerability warning-the black bar safety net

SynConnect in the loginid parameter in the presence ofSQL injectionvulnerability that stems from the program using SQL before the query is not adequately verify user-supplied input. An attacker exploit the vulnerability to manipulate the application, access or modify data, or the use of the...

SynConnect Pms - 'index.php?loginid' SQL Injection

Title: ==== SynConnect - SQL Injection vulnerability Credit: ====== Name: Bhadresh Patel Company/affiliation: Cyberoam Technologies Private Limited Website: www.cyberoam.com CVE: ===== Date: ==== 01-03-2013 CRD: ==== CRD-2013-01 Vendor: ====== Synchroweb Technology is a provider of application...

SynConnect Pms - index.php?loginid SQL Injection

SynConnect Pms - index.php?loginid SQL Injection Title: ==== SynConnect - SQL Injection vulnerability Credit: ====== Name: Bhadresh Patel Company/affiliation: Cyberoam Technologies Private Limited Website: www.cyberoam.com CVE: ===== Date: ==== 01-03-2013 CRD: ==== CRD-2013-01 Vendor: ======...

SynConnect PMS - SQL Injection Vulnerability

Exploit for php platform in category web applications Synchroweb Technology is a provider of application software, hardware and other innovative enterprise technology. They strive in development, deployment, and management of Linux and open source solutions for Internet infrastructure ranging fro...

CVE-2013-2690

SQL injection vulnerability in index.php in Synchroweb Technology SynConnect 2.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter in a logoff action...

CVE-2013-2690

CVE-2013-2690 is a SQL injection vulnerability in the SynConnect 2.0 login flow of Synchroweb Technology. The flaw affects index.php where an attacker can manipulate the loginid parameter in a logoff action to execute arbitrary SQL commands. Reported in NVD with a base score of 7.5 (HIGH) and net...

SynConnect SQL Injection

Title: ==== SynConnect - SQL Injection vulnerability Credit: ====== Name: Bhadresh Patel Company/affiliation: Cyberoam Technologies Private Limited Website: www.cyberoam.com CVE: ===== Date: ==== 01-03-2013 CRD: ==== CRD-2013-01 Vendor: ====== Synchroweb Technology is a provider of application...