GForge SQL Injection and Cross Site Scripting Vulnerabilities

Bugtraq ID: 35424
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Jun 18 2009 12:00AM
Updated: Jun 22 2009 05:39PM
Credit: Laurent Almeras and Guillaume Smet
Vulnerable: GForge GForge 4.5.14
+ Debian Linux 4.0 sparc
 + Debian Linux 4.0 s/390
 + Debian Linux 4.0 powerpc
 + Debian Linux 4.0 mipsel
 + Debian Linux 4.0 mips
 + Debian Linux 4.0 m68k
 + Debian Linux 4.0 ia-64
 + Debian Linux 4.0 ia-32
 + Debian Linux 4.0 hppa
 + Debian Linux 4.0 arm
 + Debian Linux 4.0 amd64
 + Debian Linux 4.0 alpha
 + Debian Linux 4.0
 GForge GForge 4.7rc2
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus