CVE-2006-1495
CVE-2006-1495
SQL injection vulnerability in general/sendpassword.php in (1) PHPCollab 2.4 and 2.5.rc3, and (2) NetOffice 2.5.3-pl1 and 2.6.0b2 allows remote attackers to execute arbitrary SQL commands via the loginForm parameter in the "forgotten password" option.
Affected products
n/a · n/apublic PoCs found — 1
cve_referencewww.exploit-db.com/exploits/1617unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://downloads.securityfocus.com/vulnerabilities/exploits/PHPCollab_NetOffice_SQLINJ.phphttp://secunia.com/advisories/19449http://secunia.com/advisories/19452http://secunia.com/advisories/33258http://security.gentoo.org/glsa/glsa-200812-20.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25503https://exchange.xforce.ibmcloud.com/vulnerabilities/25505https://www.exploit-db.com/exploits/1617http://www.osvdb.org/24226http://www.osvdb.org/24230http://www.securityfocus.com/bid/17283http://www.securityfocus.com/bid/17286