2 matches found
CVE-2007-2320
SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier allows remote attackers to execute arbitrary SQL commands via the menuid parameter, a different vector than CVE-2005-4478...
CVE-2005-4478
The CVE-2005-4478 entries (and related records) document multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier. An attacker can remotely execute arbitrary SQL commands via: (1) menuid parameter to index.php and guestbook.php; and (2) forumid and (3) reporeid_print parameters to print....