4 matches found
Sql injection
code.php in PC4Arb Pc4 Uploader 9.0 and earlier makes it easier for remote attackers to conduct SQL injection attacks via crafted keyword sequences that are removed from a filter in the id parameter in a banner action, as demonstrated via the "UNIunionON" string, which is collapsed into "UNION" b...
CVE-2009-1742
code.php in PC4Arb Pc4 Uploader 9.0 and earlier makes it easier for remote attackers to conduct SQL injection attacks via crafted keyword sequences that are removed from a filter in the id parameter in a banner action, as demonstrated via the "UNIunionON" string, which is collapsed into "UNION" b...
CVE-2009-1742
CVE-2009-1742 affects PC4Arb Pc4 Uploader 9.0 and earlier. The vulnerability is an SQL injection in code.php via the id parameter in a banner action, where a crafted keyword sequence bypasses a filter in filter_sql (e.g., UNIunionON collapses to UNION). This enables remote attackers to inject SQL...
CVE-2009-1742
code.php in PC4Arb Pc4 Uploader 9.0 and earlier makes it easier for remote attackers to conduct SQL injection attacks via crafted keyword sequences that are removed from a filter in the id parameter in a banner action, as demonstrated via the "UNIunionON" string, which is collapsed into "UNION" b...