Xerox Fiery Webtools - SQL Injection

EDB-ID:

9850




Platform:

PHP

Date:

2009-11-03


Hello i am from portugal and i would like to report a new  
vulnerability in Xerox Fiery Webtools. The probleam is in /wt3/ 
summary.php?select= if you and ' you have the possibility to exploit  
this condition to inject SQL code.

Already have contact the vendor

best regards

Bernardo Trigo

Qualidade e Seguran�a
Centro de Inform�tica Prof. Correia de Ara�jo (CICA)
Faculdade de Engenharia da Universidade do Porto (FEUP)

AVISO LEGAL

Esta mensagem � confidencial e dirigida apenas ao destinat�rio. Se a  
recebeu por erro solicitamos que o comunique ao remetente e a elimine  
assim como qualquer documento anexo. N�o h� ren�ncia �  
confidencialidade nem a nenhum privil�gio devido a erro de transmiss�o.
Qualquer opini�o expressa nesta mensagem pertence unicamente ao autor  
remetente, e n�o representa necessariamente a opini�o a n�o ser que  
expressamente se diga que o remetente est� autorizado para o efectuar.



DISCLAIMER

This message is confidential and intended exclusively for the  
addressee. If you received this message by mistake please inform the  
sender and delete the message and attachments. No confidentiality nor  
any privilege regarding the information is waived or lost by any  
mistransmission.
Any views or opinions contained in this message are solely those of  
the author, and do not necessarily represent , unless specifically  
stated and the sender is authorized to do so.