ID
VAR-201004-0747
TITLE
Tele Data's Contact Management Server 'username' Parameter SQL Injection Vulnerability
Trust: 0.3
sources:
BID: 39799
DESCRIPTION
The Tele Data's Contact Management Server is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database Tele Data's Contact Management Server 0.9 is vulnerable; other versions may also be affected.
Trust: 0.3
sources:
BID: 39799
AFFECTED PRODUCTS
| vendor: | td | model: | cms tele data's contact management server | scope: | eq | version: | 0.9 | Trust: 0.3 |
sources:
BID: 39799
THREAT TYPE
network
Trust: 0.3
sources:
BID: 39799
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 39799
EXTERNAL IDS
| db: | BID | id: | 39799 | Trust: 0.3 |
sources:
BID: 39799
REFERENCES
| url: | http://teledata.qc.ca/td_cms/ | Trust: 0.3 |
sources:
BID: 39799
CREDITS
John Leitch
Trust: 0.3
sources:
BID: 39799
SOURCES
| db: | BID | id: | 39799 |
LAST UPDATE DATE
2022-05-17T01:51:50.296000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 39799 | date: | 2010-04-28T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 39799 | date: | 2010-04-28T00:00:00 |