CVE-2008-4889

2008-11-04T00:57:00
ID CVE-2008-4889
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:32:00

Description

SQL injection vulnerability in index.php in deV!L'z Clanportal (DZCP) 1.4.9.6 and earlier allows remote attackers to execute arbitrary SQL commands via the users parameter in an addbuddy operation in a buddys action.