5 matches found
EUVD-2006-0675
Malware in sbrugna...
Sql injection
Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote attackers to execute arbitrary SQL commands via 1 the pseudo parameter to login.php, 2 the id parameter to index.php in a carnet editer action in the MemberSpace espacemembre module, or 3 the typenav parameter to index.php in a...
Sql injection
SQL injection vulnerability in index.php in PwsPHP 1.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly in message.php in the espacemembre module. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2006-0668
SQL injection vulnerability in index.php in PwsPHP 1.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly in message.php in the espacemembre module. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2006-0668
CVE-2006-0668 describes an SQL injection in the PHP application PwsPHP 1.2.3, specifically via the id parameter in index.php (and possibly in message.php within the espace_membre module). The underlying issue is a lack of input validation/safe query construction, enabling remote attackers to exec...