info
discussion
exploit
solution
references
JBoss Seam 'order' Parameter SQL Injection Vulnerability
References:
EJB-QL injection in org.jboss.seam.framework.Query
(JBoss Group)
JBoss Seam Homepage
(JBoss Group)
RHSA-2008:0151-4 JBoss Enterprise Application Platform 4.2.0CP02 security update
(Red Hat)
RHSA-2008:0213-3 JBoss Enterprise Application Platform 4.2.0CP02 security update
(Red Hat)
Privacy Statement
Copyright 2010, SecurityFocus
