FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
BID:39918
Info
FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
| Bugtraq ID: | 39918 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 09 2010 12:00AM |
| Updated: | Feb 09 2010 12:00AM |
| Credit: | DungPQ |
| Vulnerable: |
FlexAppsStore Flex MySQL Connector 0 |
| Not Vulnerable: | |
Discussion
FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
Flex MySQL Connector is prone to an unauthorized-access vulnerability.
Flex MySQL Connector is prone to an unauthorized-access vulnerability that allows attackers to run arbitrary SQL commands. The problem occurs because the application does not properly restrict access to the 'flexmysqlconn.php' script.
Flex MySQL Connector is prone to an unauthorized-access vulnerability.
Flex MySQL Connector is prone to an unauthorized-access vulnerability that allows attackers to run arbitrary SQL commands. The problem occurs because the application does not properly restrict access to the 'flexmysqlconn.php' script.
Exploit / POC
FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
Attackers can exploit this issue using a browser.
Attackers can exploit this issue using a browser.
Solution / Fix
FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
References:
References:
- Flex Component MySQL Connector Remote SQL Execution Exploit (DungPQ)
- Flex MySQL Connector Homepage (FlexAppsStore)