CVE-2011-4448

2012-09-05T20:55:00
ID CVE-2011-4448
Type cve
Reporter cve@mitre.org
Modified 2012-09-06T12:43:00

Description

SQL injection vulnerability in actions/usersettings/usersettings.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to execute arbitrary SQL commands via the default_comment_display parameter in an update action.