2 matches found
CVE-2009-4561
CVE-2009-4561 affects WebLeague 2.2.0 (Admin/index.php). The vulnerability consists of multiple SQL injection flaws that allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters when magic_quotes_gpc is disabled. The NVD entry documents a CVSS v2 b...
CVE-2009-4560
CVE-2009-4560 is a SQL injection in WebLeague 2.2.0: vulnerable component is profile.php, exploitable via the name parameter, allowing remote SQL commands. Affected: WebLeague 2.2.0; impact and exploit details are described in public records. No fix/remediation details are provided in the supplie...