Wednesday, December 19, 2012

Kiwi Syslog Web Access 1.4.4 SQL Injection & Blind SQL Injection

Product: Kiwi Syslog Web Access
Version: 1.4.4
Vendor: http://www.kiwisyslog.com/kiwi-syslog-server-overview/
Vulnerability type: SQL Injection and Blind SQL Injection
Risk level: High
Vendor notification: 2012-12-18
Tested on: Windows 2003
Author: Mohd Izhar Ali

Kiwi Syslog Web Access version 1.4.4 suffers from remote SQL injection and blind SQL injection vulnerabilities.

You can download here:
http://packetstormsecurity.org/files/118945/Kiwi-Syslog-Web-Access-1.4.4-SQL-Injection.html

1 comment:

atik rahman said...

its awesome post. if any one learn about juniper pls visit:http://techalap.com/category/tech/juniper/