2 matches found
CVE-2009-3119
SQL injection vulnerability in screen.php in the Download System mSF dsmsf module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the viewid parameter...
CVE-2009-3119
Summary: CVE-2009-3119 is a SQL injection in the PHP-Fusion Download System mSF (dsmsf) module, in the file screen.php , where the parameter view_id can be manipulated to execute arbitrary SQL. Affected component: PHP-Fusion dsmsf module (screen.php). Root cause (as stated): Input from view_id is...