CVE-2011-0645

SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the wheretime parameter in a get action...

Sql injection

SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the wheretime parameter in a get action...

Sql injection

SQL injection vulnerability in include/admin/modelfield.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flashupload.php...

CVE-2011-0644

SQL injection vulnerability in include/admin/modelfield.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flashupload.php...

CVE-2011-0645

SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the wheretime parameter in a get action...

CVE-2011-0645

CVE-2011-0645 corresponds to a SQL injection in PHPCMS 2008 V2, specifically in data.php via the where_time parameter of a get action, enabling remote arbitrary SQL execution. The vulnerability is due to improper handling of user-supplied input in the query, as reported across multiple sources (N...

phpcms 2 0 0 8 V2 injection vulnerability 0day analysis-vulnerability warning-the black bar safety net

Release date: 2011-01. 2 2 Publishing author: xhm1n9 Affected versions: Phpcms 2 0 0 8 V2 Official website: Vulnerability type: SQL injection Vulnerability description: 根目录下flashupload.php file$modelid useless in single quotation marks protection, the front is also missing the filter, the presenc...