RTH Information Disclosure and Multiple SQL Injection Vulnerabilities

RTH is prone to an information-disclosure vulnerability and multiple SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied data.

A successful attack could allow an attacker to obtain sensitive information, compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

Versions prior to RTH 1.7.0 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus