2 matches found
Sql injection
SQL injection vulnerability in soportehorizontalw.php in PHP Webquest 2.6 allows remote attackers to execute arbitrary SQL commands via the idactividad parameter, a different vector than CVE-2007-4920...
CVE-2007-4920
The CVE-2007-4920 entry concerns a SQL injection vulnerability in soporte_derecha_w.php for PHP Webquest 2.5 and earlier. The vulnerability is triggered via the id_actividad parameter, enabling remote attackers to execute arbitrary SQL commands. This affects the specified PHP file/version family ...