3 matches found
CVE-2010-4400
DynPG CMS 4.2.0 is vulnerable to SQL injection in _rights.php via the giveRights_UserId parameter due to insufficient input sanitization. This allows remote attackers to execute arbitrary SQL commands against the database, potentially reading, modifying, or deleting data. A fix is available: upgr...
CVE-2010-4400
SQL injection vulnerability in rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands via the giveRightsUserId parameter...
Multiple Vulnerabilities in DynPG
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in DynPG which could be exploited to perform SQL injection attacks, disclose potentially sensitive information and compromise vulnerable system. 1 Installation path disclosure weakness in in DynPG: CVE-2010-4401 The...