CVE-2007-4922

2007-09-17T13:17:00
ID CVE-2007-4922
Type cve
Reporter NVD
Modified 2017-09-28T21:29:25

Description

SQL injection vulnerability in play.php in the jeuxflash 1.0 module for KwsPHP allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a play ac action to index.php. NOTE: some details are obtained from third party information.