Full Disclosure

[KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability

December 31, 2014 007admin Leave a comment

Posted by Egidio Romano on Dec 31

——————————————————————-
Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability
——————————————————————-

[-] Software Link:

http://osclass.org/

[-] Affected Versions:

Version 3.4.2 and probably prior versions.

[-] Vulnerability Description:

The vulnerability exists because user input passed through the “alert” parameter when…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information