2 matches found
Sql injection
SQL injection vulnerability in cityview.php in Tours Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the cityid parameter...
CVE-2008-6289
The CVE identifies an SQL injection in cityview.php of Tours Manager 1.0, exploitable via the cityid parameter. Affected component/function is cityview.php; underlying issue is improper input handling allowing arbitrary SQL execution. The primary sources (NVD/NVD-linked records) confirm remote ex...