BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[RT-SA-2014-005] SQL Injection in webEdition CMS File Browser Installer Script May 28 2014 03:04PM
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: SQL Injection in webEdition CMS File Browser

RedTeam Pentesting discovered an SQL injection vulnerability in the file
browser component of webEdition CMS during a penetration test.
Unauthenticated attackers can get read-only access on the SQL database
used by webEdition and read for examp...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus