POSH /portal/addtoapplication.php rssurl Parameter SQL Injection

This exploit is Copyright (C) 2007-2017 DSquare Security, LLC.


Description: SQL injection vulnerability in portal/addtoapplication.php in POSH (aka Posh portal or Portaneo) 3.0 before 3.3.0 allows remote attackers to execute arbitrary SQL commands via the rssurl parameter.
Family: SQL Injection
Bugtraq ID: BID-65817
CVE ID: CVE-2014-2211
VULNDB ID: VULNDB-103769

Back to Exploits

Share :   Facebook   Twitter   Google+