CVE-2009-3327

2009-09-23T12:08:00
ID CVE-2009-3327
Type cve
Reporter cve@mitre.org
Modified 2017-09-19T01:29:00

Description

Multiple SQL injection vulnerabilities in WX-Guestbook 1.1.208 allow remote attackers to execute arbitrary SQL commands via the (1) QUERY parameter to search.php and (2) USERNAME parameter to login.php. NOTE: some of these details are obtained from third party information.