CVE-2005-2398

by Fred · 27/07/2005

Multiple SQL injection vulnerabilities in PHP Surveyor 0.98 allows remote attackers to execute arbitrary SQL commands via (1) the sid, start, and id parameters to browse.php, the sid parameter to (2) dataentry.php, (3) export.php, (4) admin.php, (5) conditions.php, (6) spss.php, (7) deletesurvey.php, (8) dumpsurvey.php, or (9) statistics.php, or the lid parameter to (10) labels.php or (11) dumplabel.php.

Date published : 2005-07-27

http://www.securityfocus.com/bid/14331

http://marc.info/?l=bugtraq&m=112188282401681&w=2

CVE-2005-2398

Related

Recent Posts

Categories

Latest CWE

CVE-2005-2398

Share this:

Related

Recent Posts

Categories

Tags

Latest CWE