2 matches found
Sql injection
SQL injection vulnerability in postview.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter, a different vector than CVE-2008-0363 and CVE-2006-0583...
CVE-2008-0363
CVE-2008-0363 affects Clever Copy 3.0 and earlier. The vulnerability is a SQL injection in the web app, exploitable via the ID parameter to postcomment.php and the album parameter to gallery.php, allowing remote command execution on the backend database. Root cause is improper input handling that...