2 matches found
CVE-2007-5425
SQL injection vulnerability in admin/index.php in Interspire ActiveKB 1.5 allows remote attackers to execute arbitrary SQL commands via the questId parameter in a hideQuestion ToDo action. NOTE: the catId vector is already covered by CVE-2007-5131...
CVE-2007-5131
CVE-2007-5131 affects Interspire ActiveKB NX 2.x. The vulnerability is a SQL injection in index.php when handling the browse action via the catId parameter, enabling remote execution of arbitrary SQL commands. Note that ActiveKB 1.5 is also reported to be affected. The linked references confirm t...