Multiple SQL injection vulnerabilities in CWPLogin.aspx in Sabre AirCentre Crew products 2010.2.12.20008 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2014-07-26T10:00:00
Updated: 2024-08-06T11:27:36.878Z
Reserved: 2014-07-10T00:00:00
Link: CVE-2014-4858
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-07-26T11:11:57.457
Modified: 2024-11-21T02:11:00.087
Link: CVE-2014-4858
Redhat
No data.