Full Disclosure mailing list archives
[CVE-2015-4342]SQL Injection and Location header injection from cdef id
From: "xin.wang" <xin.wang () dbappsecurity com cn>
Date: Tue, 9 Jun 2015 17:25:17 +0800
############################################################################# # # DBAPPSECURITY LIMITED http://www.dbappsecurity.com.cn/ # ############################################################################# # # CVE ID: CVE-2015-4342 # Product: cacti # Subject: SQL Injection and Location header injection from cdef id # Author: unhex # Date: June 9th 2015 # ############################################################################# The following issue has been RESOLVED. ====================================================================== http://bugs.cacti.net/view.php?id=2571 ====================================================================== Reported By: unhex Assigned To: rony ====================================================================== Project: Cacti Issue ID: 2571 Category: Database Reproducibility: always Severity: feature Priority: normal Status: resolved Resolution: fixed Fixed in Version: 0.8.8d ====================================================================== Date Submitted: 2015-06-02 23:39 EDT Last Modified: 2015-06-08 11:51 EDT ====================================================================== Summary: SQL Injection and Location header injection from cdef id Description: I found the security vulnerability.U can receive the attachment. ====================================================================== ---------------------------------------------------------------------- (0006864) rony (administrator) - 2015-06-08 11:51 http://bugs.cacti.net/view.php?id=2571#c6864 ---------------------------------------------------------------------- Issue resolved. Issue History Date Modified Username Field Change ====================================================================== 2015-06-02 23:39 unhex New Issue 2015-06-03 02:30 Linegod Status new => assigned 2015-06-03 02:30 Linegod Assigned To => cigamit 2015-06-06 07:26 unhex Note Added: 0006863 2015-06-08 11:48 rony Assigned To cigamit => rony 2015-06-08 11:49 rony Fixed in Version => 0.8.8d 2015-06-08 11:49 rony Summary a security vulnerability => SQL Injection and Location header injection from cdef id 2015-06-08 11:51 rony Note Added: 0006864 2015-06-08 11:51 rony Status assigned => resolved 2015-06-08 11:51 rony Resolution open => fixed ====================================================================== _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- [CVE-2015-4342]SQL Injection and Location header injection from cdef id xin.wang (Jun 09)