RSS   Vulnerabilities for 'Members cv module'   RSS

2009-03-05
 
CVE-2009-0831

CWE-89
 

 
SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter.

 

 >>> Vendor: Php-fusion 10 Products
Expanded calendar module
Php-fusion
Forum rank system
World of warcraft tracker infusion module
Recepies module
Freshlinks module
The kroax module
Team impact ti blog system module
Members cv module
Phpfusion


Copyright 2024, cxsecurity.com

 

Back to Top