RSS   Vulnerabilities for 'News and article system'   RSS

2008-11-18
 
CVE-2008-5131

CWE-89
 

 
Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter to article_details.php, and the (2) username and (3) password to the admin panel (admin/index.php).

 

 >>> Vendor: Develop it easy 2 Products
Membership system
News and article system


Copyright 2024, cxsecurity.com

 

Back to Top