2 matches found
Sql injection
SQL injection vulnerability in TLM CMS 3.1 allows remote attackers to execute arbitrary SQL commands via the nom parameter to a-b-membres.php. NOTE: the goodies.php vector is already covered by CVE-2007-4808. NOTE: the provenance of this information is unknown; the details are obtained solely fro...
CVE-2007-4808
CVE-2007-4808 describes multiple SQL injection vulnerabilities in TLM CMS 3.2 (also affecting 3.1/1.1 via notes) that allow remote attackers to inject arbitrary SQL through six parameters across several scripts (news.php, goodies.php, file.php, affichage.php, mod_forum/afficher.php, mod_forum/mes...