Interchange before 5.0.1 allows remote attackers to expose the content of arbitrary variables and read or modify sensitive SQL information via an HTTP request ending with the SQLUSER string.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Interchange | Interchange_development_group | 4.8.1 (including) | 4.8.1 (including) |
Interchange | Interchange_development_group | 4.8.2 (including) | 4.8.2 (including) |
Interchange | Interchange_development_group | 4.8.3 (including) | 4.8.3 (including) |
Interchange | Interchange_development_group | 4.8.4 (including) | 4.8.4 (including) |
Interchange | Interchange_development_group | 4.8.5 (including) | 4.8.5 (including) |
Interchange | Interchange_development_group | 4.8.6 (including) | 4.8.6 (including) |
Interchange | Interchange_development_group | 4.8.7 (including) | 4.8.7 (including) |
Interchange | Interchange_development_group | 4.8.8 (including) | 4.8.8 (including) |
Interchange | Interchange_development_group | 4.8.9 (including) | 4.8.9 (including) |
Interchange | Interchange_development_group | 5.0 (including) | 5.0 (including) |