A SQL injection vulnerability in processPref.jsp in WiKID 2FA Enterprise Server up to and including 4.2.0-b2053 allows an authenticated user to execute arbitrary SQL commands via the processPref.jsp key parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wikidsystems 2fa enterprise server 3.5.0 |
||
wikidsystems 2fa enterprise server 3.4.85 |
||
wikidsystems 2fa enterprise server 4.0 |
||
wikidsystems 2fa enterprise server 4.0.1 |
||
wikidsystems 2fa enterprise server 4.1.0 |
||
wikidsystems 2fa enterprise server 4.2.0 |
||
wikidsystems 2fa enterprise server 4.0.2 |
||
wikidsystems 2fa enterprise server 3.4.87 |
||
wikidsystems 2fa enterprise server 3.6.0 |
||
wikidsystems 2fa enterprise server 3.4.81 |