2 matches found
Sql injection
SQL injection vulnerability in pickusers.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the unamesearch parameter. NOTE: some of these details are obtained from third party information...
CVE-2008-4459
The CVE-2008-4459 entry concerns the web app component eXtrovert Thyme 1.3 , specifically the pick_users.php (groups module) . It describes a SQL injection vulnerability exploitable via the uname_search parameter that could allow remote attackers to execute arbitrary SQL commands. The vulnerabili...