0xMarcio/cve
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
master
cve/2013/CVE-2013-3525.md

18 lines
931 B
Markdown
Raw Permalink Normal View History

Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
### [CVE-2013-3525](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3525)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)
Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
### Description
Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00
SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor disputes this issue, stating "We were unable to replicate it, and the individual that reported it retracted their report," and "we had verified that the claimed exploit did not function according to the author's claims.
Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
### POC
#### Reference
- http://packetstormsecurity.com/files/121245/RT-Request-Tracker-4.0.10-SQL-Injection.html
#### Github
No PoCs found on GitHub currently.
Reference in New Issue Copy Permalink