CVE-2011-3838

2011-12-24T19:55:00
ID CVE-2011-3838
Type cve
Reporter PSIRT-CNA@flexerasoftware.com
Modified 2017-08-29T01:30:00

Description

Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) u parameter to fp.php, (2) epage parameter to newpage.php, (3) epost parameter to newpost.php, and (4) username parameter to login.php in admin/; or the (5) username parameter to mobile/login.php.