2 matches found
Sql injection
Multiple SQL injection vulnerabilities in Absolut Engine 1.73 allow remote authenticated users to execute arbitrary SQL commands via the 1 sectionID parameter to admin/managersection.php, 2 userID parameter to admin/edituser.php, 3 username parameter to admin/admin.php, or 4 title parameter to...
CVE-2010-2672
Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the 1 SectionID and 2 SearchTimestamp parameters to the search feature and the 3 SearchContentClassAttributeID parameter to the advancedsearch feature...