2 matches found
CVE-2005-3325
CVE-2005-3325 concerns SQL injection in ACID/BASE consoles (acidlab/acidbase) due to missing input sanitising and improper parameter validation. Debian and related advisories (DSA-893-1) confirm remote exploitation via base_qry_main.php/acid_qry_main.php and related console components, with fixed...
CVE-2005-4878
CVE-2005-4878 details: Multiple XSS vulnerabilities in ACID 0.9.6b20 (acid_qry_main.php) and BASE 1.2 (base_qry_main.php), plus unspecified consoles, allow remote injection via the sig[1] parameter and related inputs. Connected documents also flag a separate but related issue CVE-2007-6156 affect...