2 matches found
CVE-2009-3514
Multiple SQL injection vulnerabilities in d.net CMS allow remote attackers to execute arbitrary SQL commands via 1 the page parameter to index.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the 2 editid and 3 p parameter in a news action to...
CVE-2009-3514
Consolidated data for CVE-2009-3514 confirms concrete details: affected software is d.net CMS, with two vulnerable paths. SQL injection could be exploited via the page parameter in index.php, and via the edit_id and _p parameters in dnet_admin/index.php, potentially allowing remote command execut...