2 matches found
CVE-2008-2972
SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the catid parameter in a comment action...
CVE-2008-2972
CVE-2008-2972 describes a SQL injection vulnerability in the KbLance product, where the index.php comment action accepts a malicious value in the cat_id parameter, allowing an attacker to execute arbitrary SQL commands. This is documented across multiple sources (NVD entry, CVE records, and relat...