14 matches found
Lois Software 2.0a SQL Injection
Vulnerability ID: HTB22430 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinwebdb1.html Product: WebDB Vendor: Lois Software Vulnerable Version: 2.0a and Probably Prior Versions Vendor Notification: 10 June 2010 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk...
SQL injection vulnerability in WebDB
Vulnerability ID: HTB22430 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinwebdb1.html Product: WebDB Vendor: Lois Software Vulnerable Version: 2.0a and Probably Prior Versions Vendor Notification: 10 June 2010 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk...
SQL injection vulnerability in WebDB
No description provided by source. The vulnerability exists due to failure in the "index.asp" script to properly sanitize user-supplied input in "qt" variable. Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access...
SQL injection vulnerability in WebDB
Vulnerability ID: HTB22429 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinwebdb.html Product: WebDB Vendor: Lois Software Vulnerable Version: 2.0a and Probably Prior Versions Vendor Notification: 10 June 2010 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk...
Lois Software WebDB 2.0A Script - Multiple SQL Injections
Lois Software WebDB 2.0A Script - Multiple SQL Injections source: https://www.securityfocus.com/bid/41124/info Lois Software WebDB is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issu...
Lois Software WebDB 2.0A Script - Multiple SQL Injections
source: https://www.securityfocus.com/bid/41124/info Lois Software WebDB is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application,...
SQL injection Vulnerabilities in WebDB
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in WebDB which could be exploited to perform SQL injection attacks. 1 SQL injection vulnerabilities in WebDB 1.1 The vulnerability exists due to input sanitation errors in the multiple parameters in loisweb/index.as...
CVE-2005-4515
SQL injection vulnerability in WebDB 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified search parameters, possibly Search0. NOTE: the vendor has disputed this issue, saying that "WebDB is a generic online database system used by many of the clients of Lois...
CVE-2005-4515
The vulnerability is a SQL injection in WebDB versions 1.1 and earlier caused by code handling search parameters (unclear exact parameter, possibly Search0). Affected component is WebDB, with the root cause in custom/testing code that previously allowed SQL in query strings. The vendor disputes t...
CVE-2005-4515
SQL injection vulnerability in WebDB 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified search parameters, possibly Search0. NOTE: the vendor has disputed this issue, saying that "WebDB is a generic online database system used by many of the clients of Lois...
PT-2005-5197 · Webdb · Webdb
Name of the Vulnerable Software and Affected Versions: WebDB versions 1.1 and earlier Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands via unspecified search parameters, possibly Search0. The vendor has disputed this issue, stating that the flaw was in...
WebDB SQL inj vuln.
WebDB SQL inj vuln. Vuln. discovered by : r0t Date: 22 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/webdb-sql-inj-vuln.html vendor:http://www.loissoftware.com affected version:1.1 and prior Product Description: WebDB is the totally generic, instant online database system - It is...
Дырка в Oracle WebDB
часть URL интерпретируется как SQL-запрос. Кроме того, по-умолчанию устанавливается административный доступ без пароля...
Oracle WebDb engine brain-damagse
Ladies and gentlemen, here's something tasty: // Standard disclaimer applies. This post expresses my personal beliefs // and convinctions only. I am speaking as a private person. All the // statements were been provided for informative purposes only, and have // to be verified by the reader. NONE...