CVE-2008-2916

2008-06-30T18:24:00
ID CVE-2008-2916
Type cve
Reporter cve@mitre.org
Modified 2018-10-11T20:44:00

Description

Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to showcategory.php and the (2) id parameter to software-description.php.