2 matches found
CVE-2008-3089
CVE-2008-3089 describes an SQL injection vulnerability in Xpoze Pro 3.06 (Xpoze Pro CMS 2008), exploitable via the uid parameter in user.html . The root cause is improper input handling that allows arbitrary SQL execution by remote attackers. Impact per sources is partial confidentiality/integrit...
CVE-2008-3089
SQL injection vulnerability in user.html in Xpoze Pro 3.06 aka Xpoze Pro CMS 2008 allows remote attackers to execute arbitrary SQL commands via the uid parameter...