PT-2006-2275 · Maian · Maian Support

Aliaksandr Hartsuyeu

Publicado

2006-03-19

Atualizado

2018-10-18

CVE-2006-1259

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Maian Support version 1.0

Description The issue allows remote attackers to execute arbitrary SQL commands. This is possible via the email or pass parameter to the "admin/index.php" endpoint.

Recommendations For Maian Support version 1.0, consider restricting access to the "admin/index.php" endpoint until a patch is available. As a temporary workaround, avoid using the email and pass parameters in this endpoint to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-1259

Produtos afetados

Maian Support

PT-2006-2275 · Maian · Maian Support

CVE-2006-1259

Identificadores relacionados

Produtos afetados

Referências · 8