SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base.passwordResetRequest action to index.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-01-15T16:00:00
Updated: 2024-08-06T09:34:40.571Z
Reserved: 2014-01-07T00:00:00
Link: CVE-2014-1206
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-01-15T16:08:18.580
Modified: 2018-10-09T19:42:22.627
Link: CVE-2014-1206
Redhat
No data.