CVE-2009-0287

CVE-2009-0287

EPSS 1.1%

SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://keeptoolkit.svn.sourceforge.net/viewvc/keeptoolkit?view=rev&revision=56 http://osvdb.org/51623 http://secunia.com/advisories/33652 http://sourceforge.net/project/shownotes.php?release_id=655845&group_id=227492 http://www.securityfocus.com/bid/33425