SQL Injection Vulnerability in OcoMon by OcoTech
CVE-2005-4664

Currently unrated

Key Information:

Vendor: Ocomon
Status: Ocomon
Vendor: CVE Published:; 31 December 2005

What is CVE-2005-4664?

The OcoMon application is susceptible to an SQL injection vulnerability that arises when the magic_quotes_gpc setting is disabled. This flaw allows remote attackers to manipulate SQL queries through the logon page, potentially gaining unauthorized access to sensitive database information. It's crucial for users of OcoMon, especially versions leading up to 1.21, to ensure their configurations mitigate this risk.

References

http://sourceforge.net/project/showfiles.php?group_id=45554

x_refsource_MISC

http://secunia.com/advisories/17470

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/23085

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Jan 16, 2006
Vulnerability published
Dec 31, 2005

Ocomon

What is CVE-2005-4664?

References

Timeline