Sql injection

SQL injection vulnerability in people/editprofile.php in Gforge 4.6 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the skilledit parameter...

CVE-2008-6188

SQL injection vulnerability in people/editprofile.php in Gforge 4.6 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the skilledit parameter...

CVE-2008-6188

SQL injection vulnerability in people/editprofile.php in Gforge 4.6 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the skilledit parameter...

CVE-2008-6188

CVE-2008-6188 affects GForge 4.6 rc1 and earlier. The SQL injection exists in people/editprofile.php via the skill_edit[] parameter, enabling remote attackers to inject arbitrary SQL. Connected sources confirm the affected software and input vector; no vendor patch is provided in the documents, s...

CVE-2008-2381

SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable...

CVE-2008-2381

SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable...

CVE-2008-2381

CVE-2008-2381 describes an SQL injection in GForge’s GroupJoinRequest.class create() function (common/include/GroupJoinRequest.class) affecting GForge 4.5 and 4.6. The vulnerability allows a remote attacker to inject SQL via the comments variable, enabling arbitrary SQL execution. Public referenc...

Gforge <= 4.6 rc1 (skill_edit) SQL Injection Vulnerability

No description provided by source. Gforge = 4.6 rc1 skilledit SQL injection Vendor Notified: 2008-10-06 Impact: zomg! Note: should work regardless magicquotesgpc setting. Requires: Creating an account and be logged in Vulnerable function: handlemultiedit$skillids on /www/people/skillsutils.php...