Nextime Solutions Procapita Multiple Remote Vulnerabilities
BID:29964
Info
Nextime Solutions Procapita Multiple Remote Vulnerabilities
| Bugtraq ID: | 29964 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 26 2008 12:00AM |
| Updated: | Jul 12 2008 01:49AM |
| Credit: | pelzi |
| Vulnerable: |
Nextime Solutions Procapita 0 |
| Not Vulnerable: | |
Discussion
Nextime Solutions Procapita Multiple Remote Vulnerabilities
Nextime Solutions Procapita (formerly owned by TietoEnator) is prone to multiple remote vulnerabilities, including:
- Multiple SQL-injection vulnerabilities
- Multiple information-disclosure vulnerabilities
- A password-disclosure vulnerability
An attacker can exploit these issues to obtain sensitive information, compromise the affected application, access or modify data, exploit latent vulnerabilities in the database, and gain unauthorized access to the affected application. Other attacks are also possible.
Nextime Solutions Procapita (formerly owned by TietoEnator) is prone to multiple remote vulnerabilities, including:
- Multiple SQL-injection vulnerabilities
- Multiple information-disclosure vulnerabilities
- A password-disclosure vulnerability
An attacker can exploit these issues to obtain sensitive information, compromise the affected application, access or modify data, exploit latent vulnerabilities in the database, and gain unauthorized access to the affected application. Other attacks are also possible.
Exploit / POC
Nextime Solutions Procapita Multiple Remote Vulnerabilities
An attacker can exploit the SQL-injection and the information-disclosure vulnerabilities through a browser. The attacker can use brute-force techniques to exploit the password-disclosure vulnerability.
An attacker can exploit the SQL-injection and the information-disclosure vulnerabilities through a browser. The attacker can use brute-force techniques to exploit the password-disclosure vulnerability.
Solution / Fix
Nextime Solutions Procapita Multiple Remote Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Nextime Solutions Procapita Multiple Remote Vulnerabilities
References:
References: