5 matches found
CVE-2009-5090
SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter and possibly other unspecified vectors...
Sql injection
SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter and possibly other unspecified vectors...
CVE-2009-5090
CVE-2009-5090 documents a SQL injection in Bloggeruniverse Beta 2, affecting the editcomments.php handler. The vulnerability allows remote attackers to inject arbitrary SQL via the id parameter when magic_quotes_gpc is disabled. Affected component: Bloggeruniverse (Beta 2) web module; vulnerable ...
CVE-2009-3313
Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to 1 index.php and 2 editComments.php, and 3 allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action ...
Sql injection
Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to 1 index.php and 2 editComments.php, and 3 allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action ...