2 matches found
Sql injection
SQL injection vulnerability in download.php in Nicecoder iDesk allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2005-3843...
CVE-2005-3843
CVE-2005-3843 describes an SQL injection in Nicecoder iDesk 1.0, specifically in faq.php via the cat_id parameter, allowing remote attackers to execute arbitrary SQL commands. The connected documents confirm the vulnerable component (faq.php, cat_id) and the impact (arbitrary SQL execution); no e...