blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection and execute limited SQL commands via URL-encoded characters (%27).
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Protector_system | Protector_system | 1.15b1 (including) | 1.15b1 (including) |
References
- http://protector.warcenter.se/article-53--0-0.html
- http://www.securityfocus.com/archive/1/361300/2004-04-21/2004-04-27/0
- http://www.securityfocus.com/bid/10206
- http://www.waraxe.us/index.php?modname=sa\u0026id=25
- http://protector.warcenter.se/article-53--0-0.html
- http://www.securityfocus.com/archive/1/361300/2004-04-21/2004-04-27/0
- http://www.securityfocus.com/bid/10206
- http://www.waraxe.us/index.php?modname=sa\u0026id=25