SQL injection vulnerability in administration/profiles.php in BoonEx Dolphin 7.1.4 and previous versions allows remote authenticated administrators to execute arbitrary SQL commands via the members[] parameter. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-4333.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
boonex dolphin |
||
boonex dolphin 7.1.3 |
||
boonex dolphin 7.0.8 |
||
boonex dolphin 7.0.7 |
||
boonex dolphin 7.0.1 |
||
boonex dolphin 7.0.0 |
||
boonex dolphin 7.1.0 |
||
boonex dolphin 7.0.4 |
||
boonex dolphin 7.0.3 |
||
boonex dolphin 7.0.9 |
||
boonex dolphin 7.0.2 |
||
boonex dolphin 7.1.2 |
||
boonex dolphin 7.1.1 |
||
boonex dolphin 7.0.6 |
||
boonex dolphin 7.0.5 |