Categories

Applications (222)
Blogs (7)
Content Management (148)
Customer Relationship (2)
Discussion Boards (29)
E-Commerce (14)
General Purpose Directories (2)
Image Galleries (18)
Mailing Lists (1)
Tips (3)
Vulnerabilities (337)
Access Bypass (50)
Cross Site Scripting (123)
Denial Of Service (2)
File Inclusion (51)
Information Disclosure (15)
Privilege Escalation (2)
Remote Command Execution (16)
Session Hijacking (2)
SQL Injection (130)
« vBGallery PHP Script Upload Vulnerability
minimal Gallery Information Disclosure Vulnerabilities »

TaskFreak SQL Injection Vulnerability

Published by TL Guan January 22nd, 2008 in Content Management and SQL Injection.

Application: TaskFreak
Affected Version: 0.6.1 and other versions.
Vendor’s URL: http://www.taskfreak.com/
Bug Type: SQL Injection
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitized.

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional