An SQL Injection vulnerability exists in Webtareas 2.4p3 and earlier via the $uq HTTP POST parameter in editapprovalstage.php.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/167026/WebTareas-2.4-SQL-Injection.html | Exploit Third Party Advisory VDB Entry |
https://behradtaher.dev/2021/11/05/Discovering-a-Blind-SQL-Injection-Whitebox-Approach/ | Exploit Technical Description Third Party Advisory |
https://sourceforge.net/projects/webtareas/ | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-04-20T19:41:06
Updated: 2022-05-11T17:06:25
Reserved: 2021-11-08T00:00:00
Link: CVE-2021-43481
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-20T20:15:08.190
Modified: 2022-09-09T16:56:36.187
Link: CVE-2021-43481
JSON object: View
Redhat Information
No data.
CWE