TaskFreak! is a web-based task manager implemented in PHP. TaskFreak! is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied input to the "password" parameter in the "login.php" script before using it in an SQL query in "include/classes/tzn_user.php". TaskFreak! versions prior to 0.6.4 are affected.
Ref: http://www.securityfocus.com/archive/1/512077
10.27.93 - CVE: CVE-2010-1521
Platform: Web Application - SQL Injection
Ref: http://www.securityfocus.com/archive/1/512077
10.27.93 - CVE: CVE-2010-1521
Platform: Web Application - SQL Injection
0 comments:
Post a Comment