BugTracker.NET is a web-based bug or issue tracker. BugTracker.NET is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to "Custom Fields" in the "search.aspx" script before using it an SQL query. BugTracker.NET versions prior to 3.4.4 are affected.
Ref: http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view
10.36.32 CVE: Not Available
Platform: Web Application - SQL Injection
Ref: http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view
10.36.32 CVE: Not Available
Platform: Web Application - SQL Injection
0 comments:
Post a Comment