CVE-2007-2673

2007-05-14T23:19:00
ID CVE-2007-2673
Type cve
Reporter cve@mitre.org
Modified 2017-10-11T01:32:00

Description

SQL injection vulnerability in includes/funcs_vendors.php in Censura 1.15.04, and other versions before 1.16.04, allows remote attackers to execute arbitrary SQL commands via the vendorid parameter in a vendor_info cmd action to censura.php.