[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SQLi Vulnerability in ATuter management system
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: SQLi Vulnerability in ATuter management system
- From: sirus.shahini@xxxxxxxxx
- Date: Wed, 2 Dec 2015 16:08:29 GMT
The vulnerability resides in:
mods/_standard/assignments/add_assignment.php at line 247 and the variable
$assign_to.
The vendor failed to request a CVE number. So I decided to request one here.