[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Thomson Web Skill Vantage Manager
From: walter.sobchak () hushmail ! com
Date: 2005-07-28 9:22:17
Message-ID: 20050728092217.29243.qmail () securityfocus ! com
[Download RAW message or body]
Hi
Is anyone here using Thomson Web Skill Vantage Manager for online training? If yes I \
suggest to take the system offline and to improve input validation.The system allows \
an SQL injection at the login - this gives a visitor easy access with complete \
Administrator privileges over the system. A malicious user could damage the \
installation.
Don't know if this has been posted already, hope this info is of use.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic