CVE-2014-3783

2014-05-22T15:13:00
ID CVE-2014-3783
Type cve
Reporter cve@mitre.org
Modified 2018-10-09T19:47:00

Description

SQL injection vulnerability in admin/categories.php in Dotclear before 2.6.3 allows remote authenticated users with the manage categories permission to execute arbitrary SQL commands via the categories_order parameter.