3 matches found
CVE-2009-4883
SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.39 allows remote attackers to execute arbitrary SQL commands via the 1 baseid or 2 courseid parameter in a search action...
CVE-2009-4883
PHPRecipeBook is vulnerable to an SQL injection in index.php via the base_id and course_id parameters in a search action on versions 2.24 and 2.39. Root cause: insufficient input sanitization before using values in SQL queries. Impact: remote attackers could alter queries and access/modify data, ...
PHPRecipeBook 'base_id' Parameter SQL Injection Vulnerability
PHPRecipeBook is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the...