17 lines
No EOL
605 B
Text
17 lines
No EOL
605 B
Text
source: http://www.securityfocus.com/bid/37045/info
|
|
|
|
Multiple JiRo's products are prone to multiple SQL-injection vulnerabilities because they fail to sufficiently sanitize user-supplied data before using it in an SQL query.
|
|
|
|
Exploiting these issues could allow an attacker to compromise the applications, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
|
|
|
The following products are affected:
|
|
|
|
JBS 2.0
|
|
JBSX
|
|
|
|
Other products may also be affected.
|
|
|
|
The following proof-of-concept login and password examples are available:
|
|
|
|
admin 'or' '='
|
|
password 'or' '=' |