CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

Multiple SQL injection vulnerabilities in the Google Gadget login.php (gadget/login.php) in Rob Hensley ackerTodo 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) up_login, (2) up_pass, or (3) up_num_tasks parameters.

Product Status

Learn more

Information not provided

References 10 Total

securityfocus.com: 20061005 ackerTodo 4.2 SQL Injection Vulnerability
external site
mailing-list
securityreason.com: 1703
external site
third-party-advisory
http://ackertodo.cvs.sourceforge.net/ackertodo/ackertodo/src/gadget/login.php?view=log
external site
secunia.com: 22254
external site
third-party-advisory
securityfocus.com: 20372
external site
vdb-entry
exchange.xforce.ibmcloud.com: ackertodo-login-sql-injection(29375)
external site
vdb-entry
osvdb.org: 29552
external site
vdb-entry
vupen.com: ADV-2006-3951
external site
vdb-entry
securitytracker.com: 1017008
external site
vdb-entry
http://ackertodo.cvs.sourceforge.net/ackertodo/ackertodo/src/gadget/login.php?r1=1.3&r2=1.4
external site

Updated: 2024-08-07

This container includes required additional information provided by the CVE Program for this vulnerability.

References 10 Total

securityfocus.com: 20061005 ackerTodo 4.2 SQL Injection Vulnerability
external site
mailing-listx_transferred
securityreason.com: 1703
external site
third-party-advisoryx_transferred
http://ackertodo.cvs.sourceforge.net/ackertodo/ackertodo/src/gadget/login.php?view=log
external site
x_transferred
secunia.com: 22254
external site
third-party-advisoryx_transferred
securityfocus.com: 20372
external site
vdb-entryx_transferred
exchange.xforce.ibmcloud.com: ackertodo-login-sql-injection(29375)
external site
vdb-entryx_transferred
osvdb.org: 29552
external site
vdb-entryx_transferred
vupen.com: ADV-2006-3951
external site
vdb-entryx_transferred
securitytracker.com: 1017008
external site
vdb-entryx_transferred
http://ackertodo.cvs.sourceforge.net/ackertodo/ackertodo/src/gadget/login.php?r1=1.3&r2=1.4
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: MITRE Corporation

Description

Product Status

References 10 Total

CVE Program

References 10 Total