4 matches found
Sql injection
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to 1 new/index.php, 2 news/index.php, and 3 top/topusers.php, which is not properly handled in database-pgsql.php...
CVE-2008-6189
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to 1 new/index.php, 2 news/index.php, and 3 top/topusers.php, which is not properly handled in database-pgsql.php...
CVE-2008-6189
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to 1 new/index.php, 2 news/index.php, and 3 top/topusers.php, which is not properly handled in database-pgsql.php...
CVE-2008-6189
Summary: CVE-2008-6189 affects the GForge web application. Affected versions include GForge 4.5.19 (and 4.6 b1 per OpenVAS) where the offset parameter in certain pages is not properly filtered before use in SQL queries, traced to the vulnerable code path in database-pgsql.php. The vulnerable endp...