Multiple SQL injection vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 allow remote attackers to execute arbitrary SQL commands via (1) the where parameter to rss.php or (2) the sqlQuery parameter to search.php, a different issue than CVE-2015-7382.
References
Link Resource
http://www.kb.cert.org/vuls/id/374092 Third Party Advisory US Government Resource
https://www.exploit-db.com/exploits/38292/
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: certcc

Published: 2015-09-28T01:00:00

Updated: 2017-09-15T09:57:01

Reserved: 2015-08-14T00:00:00


Link: CVE-2015-6009

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2015-09-28T02:59:05.263

Modified: 2017-09-16T01:29:02.653


Link: CVE-2015-6009

JSON object: View

cve-icon Redhat Information

No data.

CWE