CVE-2006-0919

CVE-2006-0919

EPSS 1.3%

SQL injection vulnerability in index.php (aka the login page) in Oi! Email Marketing System 3.0 (aka Oi! 3) allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://secunia.com/advisories/18993 http://www.h4cky0u.org/advisories/HYSA-2006-003-oi-email.txt http://www.osvdb.org/23462 http://www.securityfocus.com/archive/1/425924/100/0/threaded http://www.vupen.com/english/advisories/2006/0718