2 matches found
CVE-2008-2652
CVE-2008-2652: Multiple SQL injection vulnerabilities in SMEWeb 1.4b and 1.4f (catalog.php) allow remote attackers to execute arbitrary SQL commands via the idp and category parameters. Root cause: unsafe SQL handling in catalog.php leading to injection. Affected products: SMEWeb 1.4b/1.4f. Impac...
CVE-2008-2652
Multiple SQL injection vulnerabilities in catalog.php in SMEWeb 1.4b and 1.4f allow remote attackers to execute arbitrary SQL commands via the 1 idp and 2 category parameters...