3 matches found
CVE-2008-2907
SQL injection vulnerability in admin/index.php in WebChamado 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the eml parameter.
CVE-2008-2858
SQL injection vulnerability in index.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the eml parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2906
SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the tsk_id parameter.