2 matches found
Sql injection
SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header...
CVE-2012-3350
The CVE-2012-3350 entry refers to a Blind SQL Injection in Webmatic 3.1.1 (vendor: valarsoft.com) via the Referer HTTP header fed to index.php. The underlying issue is improper sanitization of input used in SQL queries, enabling remote attackers to infer data (e.g., via time-based techniques) and...