CVE-2014-3757

2014-05-15T10:55:07
ID CVE-2014-3757
Type cve
Reporter NVD
Modified 2015-10-21T12:23:45

Description

SQL injection vulnerability in sorter.php in the phpManufaktur kitForm extension 0.43 and earlier for the KeepInTouch (KIT) module allows remote attackers to execute arbitrary SQL commands via the sorter_value parameter.