View Issue Details

IDProjectCategoryView StatusLast Update
0000378Main CAcert Websitesource codepublic2013-11-20 22:23
ReporterSourcerer Assigned ToSourcerer  
PriorityimmediateSeveritymajorReproducibilityhave not tried
Status closedResolutionfixed 
Fixed in Version2009 Q2 
Summary0000378: CCSR API SQL Injection
DescriptionI was just told that we have a SQL Injection Vulnerability in the ccsr.php API.
Additional InformationBluec: Can you verify it please?
TagsNo tags attached.
Reviewed by
Test Instructions

Activities

duane

2006-12-29 14:55

developer   ~0000762

Can someone please explain the exploit, I wasn't able to see anything obvious by doing a code inspection on the file.

Sourcerer

2009-04-26 19:51

administrator   ~0001386

I have verified the sourcecode and couldn't find a SQL injection there.

Issue History

Date Modified Username Field Change
2006-12-29 13:28 Sourcerer New Issue
2006-12-29 13:42 duane View Status public => private
2006-12-29 14:55 duane Note Added: 0000762
2009-04-26 19:51 Sourcerer Note Added: 0001386
2009-04-26 19:51 Sourcerer Status new => solved?
2009-07-20 20:33 Sourcerer Status solved? => closed
2009-07-20 20:33 Sourcerer Resolution open => fixed
2009-07-20 20:33 Sourcerer Assigned To => Sourcerer
2013-01-14 21:04 Werner Dworak Fixed in Version => 2009 Q2
2013-11-20 22:23 NEOatNHNG View Status private => public