4 matches found
Meeting Room Booking System typematch Parameter SQL Injection
The remote Meeting Room Booking System install is affected by a SQL injection vulnerability because its 'report.php' script does not properly sanitize input to the 'typematch' parameter before using it in a database query. An attacker is able to obtain or modify data in the Meeting Room Booking...
CVE-2009-3533
SQL injection vulnerability in report.php in Meeting Room Booking System MRBS before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the typematch parameter. NOTE: some of these details are obtained from third party information...
CVE-2009-3533
SQL injection vulnerability in report.php in Meeting Room Booking System MRBS before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the typematch parameter. NOTE: some of these details are obtained from third party information...
CVE-2009-3533
CVE-2009-3533 : The Meeting Room Booking System (MRBS) is vulnerable in its reporting page, report.php, where the typematch parameter is not properly sanitized before being used in a SQL query. This allows remote attackers to inject arbitrary SQL and potentially read/modify data in the MRBS datab...