Produkt Phpbugtracker (...) - CVEMAP.ORG

Podatności dla 'Phpbugtracker'

2009-06-01

CVE-2009-1851

CWE-89

SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVE-2009-1850

CWE-89

SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter.

Copyright 2024, cxsecurity.com