2 matches found
CVE-2012-2236
PHP Gift Registry 1.5.5 is vulnerable to a SQL injection in users.php (userid parameter in the edit action). The issue allows remote authenticated users to execute arbitrary SQL commands. This is caused by unsafely concatenated input in the edit workflow, enabling database command execution. The ...
PHP Gift Registry 1.5.5 SQL Injection
Exploit for php platform in category web applications Exploit Title: PHP Gift Registry 1.5.5 SQL Injection Date: 02/22/12 Author: G13 Software Link: https://sourceforge.net/projects/phpgiftreg/ Version: 1.5.5 Category: webapps php Vulnerability The userid parameter in the users.php file is...