2 matches found
CVE-2007-1363
DropAFew before 0.2.1 contains SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via (1) id in delete action (search.php or search-pda.php) or (2) calories in save action (editlogcal.php). Affected software is DropAFew (calorie counting app). The issue ar...
[Full-disclosure] DropAFew - SQL injection and authorization issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================ ||| Security Advisory AKLINK-SA-2007-002 ||| ||| CVE-2007-1363 CVE candidate ||| ||| CVE-2007-1364 CVE candidate ||| ============================================ DropAFew - Multiple vulnerabilities SQL...