SQL Injection Vulnerability in SynConnect by Synchroweb Technology
CVE-2013-2690

Currently unrated

Key Information:

Vendor

Synchroweb

Status
Synconnect
Vendor
CVE Published:
28 March 2013

What is CVE-2013-2690?

An SQL injection vulnerability exists in the index.php file of Synchroweb Technology's SynConnect 2.0 application. This security flaw permits remote attackers to manipulate SQL queries by exploiting the loginid parameter during a logoff action, potentially leading to the execution of arbitrary SQL commands. As a result, attackers could gain unauthorized access to sensitive information and compromise the database integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/91693
vdb-entryx_refsource_OSVDB
http://osvdb.org/ref/91/synconnect.txt
x_refsource_MISC
http://www.securityfocus.com/bid/58711
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.