Hilfe - Suche - Mitglieder - Kalender
Vollansicht: SQL injection vulnerability in Lastest version Sefrengo V1.6.4
Forum Sefrengo.org > Bugtracker > Bugs Module, Plugins, Sonstiges
0keeteam
Wed. 24. June 2015, 04:53
Dear developer team.

We are a information security team from QIHU 360 company, China.
We found a SQL injection vulnerability in lastest version Sefrengo V1.6.4 and already sent you the technical details to info@sefrengo.org ,If you can't get the information, please provide me another email address.

Thank you

[Team info]
name: 0keeTeam
company: QIHU 360 company, China
email: g-sec-web@360.cn
mvsxyz
Wed. 24. June 2015, 07:50
Hello 0keeTeam,

thanks for testing Sefrengo and the security report. I recieved it and will publish a fix soon.
0keeteam
Wed. 24. June 2015, 11:36
This issue assigned by CVEID: CVE-2015-5052
mvsxyz
Thu. 25. June 2015, 22:14
Security fix is included in Sefrengo v1.6.5 beta2.
Dieses ist eine vereinfachte Darstellung unseres Foreninhaltes. Um die detaillierte Vollansicht mit Formatierung und Bildern zu betrachten, bitte hier klicken.
Invision Power Board © 2001-2024 Invision Power Services, Inc.