Open Web Analytics Password Reset Page owa_email_address Parameter SQL Injection

This exploit is Copyright (C) 2007-2017 DSquare Security, LLC.


Description: SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base.passwordResetRequest action to index.php.
Family: SQL Injection
Bugtraq ID: BID-64774
CVE ID: CVE-2014-1206
VULNDB ID: VULNDB-101925

Back to Exploits

Share :   Facebook   Twitter   Google+