Computer Security
[EN] securityvulns.ru no-pyccku


Kerio Control SQL injection
Published:16.10.2014
Source:
SecurityVulns ID:14039
Type:remote
Threat Level:
5/10
Description:SQL injection in Web interface.
Affected:KERIO : Kerio Control 8.3
CVE:CVE-2014-3857 (Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) before 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php.)
Original documentdocumentinfo_(at)_fereidani.com, Kerio Control <= 8.3.1 Boolean-based blind SQL Injection (16.10.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod