2 matches found
CVE-2006-2573
SQL injection vulnerability in index.php in DGBook 1.0, with magicquotesgpc disabled, allows remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 homepage, 4 address, 5 comment, and 6 ip parameters. NOTE: the provenance of this information is unknown; the details are...
CVE-2006-2573
DGBook 1.0 is affected by a SQL injection in index.php when magic_quotes_gpc is disabled. The vulnerability allows remote attackers to inject and execute arbitrary SQL via the following parameters: name, email, homepage, address, comment, and ip. The issue stems from unsafe handling of user input...