CVE-2010-1336

2010-04-09T18:30:00
ID CVE-2010-1336
Type cve
Reporter cve@mitre.org
Modified 2017-08-17T01:32:00

Description

Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manuals.php, and (4) unspecified vectors to faq.php. NOTE: some of these details are obtained from third party information.