First published: Tue Jan 17 2023(Updated: )
A vulnerability was found in saemorris TheRadSystem and classified as critical. This issue affects the function redirect of the file _login.php. The manipulation of the argument user/pass leads to sql injection. The attack may be initiated remotely. The identifier of the patch is bfba26bd34af31648a11af35a0bb66f1948752a6. It is recommended to apply a patch to fix this issue. The identifier VDB-218453 was assigned to this vulnerability.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Theradsystem Project Theradsystem | <2015-04-03 | |
<2015-04-03 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2015-10063 is classified as critical.
The function 'redirect' of the file '_login.php' is affected by CVE-2015-10063.
The attack method of CVE-2015-10063 is SQL injection.
Yes, CVE-2015-10063 is exploitable remotely.
To fix CVE-2015-10063, apply the patch provided in the commit 'bfba26bd34af31648a11af35a0bb66f1948752a6'.