HomePentest-Tools.com Logo

Horizon QCMS Multiple Vulnerabilities CVE-2013-7138CVE-2013-7139

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Horizon QCMS is prone to multiple vulnerabilities.

Risk description

Flaw exists in d-load.php and download.php scripts, which fail to properly sanitize user-supplied input to category and start parameter. Successful exploitation will allow remote attackers to execute SQL commands or obtain sensitive information.

Recommendation

Upgrade to Horizon QCMS version 4.1 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jan 9, 2014
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available