4 matches found
CVE-2009-4925
Multiple SQL injection vulnerabilities in Portale e-commerce Creasito aka creasito e-commerce content manager 1.3.16, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the username parameter to 1 admin/checkuser.php and 2 checkuser.php...
Sql injection
Multiple SQL injection vulnerabilities in Portale e-commerce Creasito aka creasito e-commerce content manager 1.3.16, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the username parameter to 1 admin/checkuser.php and 2 checkuser.php...
CVE-2009-4925
Creasito e-commerce content manager (Portale Creasito) 1.3.16 is affected by multiple SQL injection vulnerabilities. The issue allows remote attackers to inject arbitrary SQL via the username parameter to admin/checkuser.php and checkuser.php when magic_quotes_gpc is disabled. Affected product/ve...
CVE-2009-4925
Multiple SQL injection vulnerabilities in Portale e-commerce Creasito aka creasito e-commerce content manager 1.3.16, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the username parameter to 1 admin/checkuser.php and 2 checkuser.php...