2 matches found
Alumni 1.0.8/1.0.9 - info.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/29019/info Project Alumni is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow...
Alumni 1.0.8/1.0.9 - 'info.php?id' SQL Injection
source: https://www.securityfocus.com/bid/29019/info Project Alumni is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...