8.5 High
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.1%
Multiple SQL injection vulnerabilities in PHPSurveyor before 0.991 allow remote attackers to execute arbitrary SQL commands via the (1) sql parameter in browse.php and the (2) sid, (3) lid, (4) gid, and (5) token parameters in certain PHP scripts.
secunia.com/advisories/18167
sourceforge.net/project/shownotes.php?release_id=381050&group_id=74605
www.osvdb.org/22039
www.osvdb.org/22184
www.phpsurveyor.org/mantis/view.php?id=286
www.phpsurveyor.org/mantis/view.php?id=287
www.securityfocus.com/bid/16077