2 matches found
CVE-2008-4889
SQL injection vulnerability in index.php in deV!L'z Clanportal DZCP 1.4.9.6 and earlier allows remote attackers to execute arbitrary SQL commands via the users parameter in an addbuddy operation in a buddys action...
CVE-2008-4889
CVE-2008-4889 describes a SQL injection in the DZCP (deV!L'z Clanportal) 1.4.9.6 and earlier, triggered in the addbuddy operation via the users parameter in buddys. The vulnerability enables remote attackers with network access and no authentication to execute arbitrary SQL commands, with partial...