Vulnerabilities

CVE-2007-6544

by Fred · 27/12/2007

Multiple SQL injection vulnerabilities in RunCMS before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the lid parameter to (1) brokenfile.php, (2) visit.php, or (3) ratefile.php in modules/mydownloads/; or (4) ratelink.php, (5) modlink.php, or (6) brokenlink.php in modules/mylinks/.

Date published : 2007-12-27

http://www.securityfocus.com/bid/27019

http://www.securityfocus.com/archive/1/485512/100/0/threaded

Similar

Tags: Cybersecurity Alert