Description
Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to an arbitrary component.
Affected products
- blakord / blakord_portal1.3.a_beta
References
- MISChttp://www.securityfocus.com/archive/1/485544/100/0/threaded
- MISChttp://www.spanish-hackers.com/vuln/bug19.txt
- EXPLOIThttps://www.exploit-db.com/exploits/4793
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/39284
- MISChttp://www.securityfocus.com/bid/27038
- MISChttp://securityreason.com/securityalert/3497