2 matches found
CVE-2009-4667
SQL injection vulnerability in form.php in WebMember 1.0 allows remote authenticated users to execute arbitrary SQL commands via the formID parameter...
CVE-2009-4667
The CVE-2009-4667 entry concerns a SQL injection in WebMember 1.0 accessing form.php via the formID parameter. The vulnerability affects the form.php handler and can be triggered by an authenticated remote user, enabling arbitrary SQL execution. Affected software is WebMember 1.0; specific exploi...