2 matches found
CVE-2010-5012
SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-5012
CVE-2010-5012 describes a SQL injection in DaLogin 2.2 and 2.2.5, exploitable via the id parameter in new.php. The vulnerability allows remote attackers to execute arbitrary SQL commands. The NVD entry lists a base CVSS v2 score of 7.5 ( HIGH, NETWORK attack vector, no authentication required, wi...