2 matches found
CVE-2008-3387
SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the dbtable parameter...
CVE-2008-3387
The CVE-2008-3387 entry concerns a SQL injection in show.php of PHPFootball 1.6, enabling remote attackers to execute arbitrary SQL commands via the dbtable parameter. The NVD-derived CVSSv2 metrics indicate a base score of 7.5 (HIGH) with network attack vector, low attack complexity, and no auth...