CVE-2017-1002004
N/A
N/A
Summary
Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/download.php user input isn't sanitized via the id variable before adding it to the end of an SQL query.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ITFlux | DTracker | unspecified < 1.5 | affected |
Weaknesses
- SQL Injection
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/96781
- http://www.vapidlabs.com/advisory.php?v=183
- https://wordpress.org/plugins/dtracker/
References
- http://www.securityfocus.com/bid/96781
- http://www.vapidlabs.com/advisory.php?v=183
- https://wordpress.org/plugins/dtracker/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.