4 matches found
Design/Logic Flaw
Mole Group Lastminute Script 4.0 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-3125
SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter...
CVE-2008-3125
SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter...
CVE-2008-3125
CVE-2008-3125 describes an SQL injection in Mole Group Lastminute Script 4.0, exploitable via the cid parameter in index.php. The vulnerability allows remote attackers to execute arbitrary SQL commands. The NVD entry notes a CVSSv2 base score of 7.5 (High) with network access, low attack complexi...