4 matches found
CVE-2010-4500
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 subject, and 4 message parameters in a sendmess action. NOTE: the provenance of this...
Sql injection
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 email parameters in a showtickets action...
CVE-2010-4363
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 email parameters in a showtickets action...
CVE-2010-4363
The CVE-2010-4363 entry concerns MRCGIGUY (MCG) FreeTicket 1.0.0. The vulnerability is a SQL injection in contact.php exposed via the showtickets action, exploitable through the id and email parameters when magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary SQL comman...