3 matches found
Sql injection
SQL injection vulnerability in todos.php in C. Desseno YouTube Blog ytb 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306...
CVE-2008-3306
SQL injection vulnerability in info.php in C. Desseno YouTube Blog ytb 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3307. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2008-3306
CVE-2008-3306 targets C. Desseno YouTube Blog (ytb) 0.1. The vulnerability is a SQL injection in info.php that allows remote attackers to execute arbitrary SQL commands via the id parameter (a vector distinct from CVE-2008-3307). Associated records indicate a second, related entry (CVE-2008-3307)...