Vulnerabilities

CVE-2008-0385

by Fred · 29/02/2008

SQL injection vulnerability in server/widgetallocator.php in Urulu 2.1 allows remote attackers to execute arbitrary SQL commands via the connectionId parameter to index.php with (1) statprt/js/request or (2) dyn/js/request in the PATH_INFO.

Date published : 2008-02-29

http://www.securityfocus.com/bid/28032

http://www.securityfocus.com/archive/1/488909/100/0/threaded

Related

Tags: Cybersecurity Alert