CVE-2007-6127 (Project Alumni) |
|
| BugsAlert Home > CVE-2007-6127 (Project Alumni) | |
|
Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the year parameter to (1) view.page.inc.php, which is reachable through a view action to index.php; or (2) the year parameter to news.page.inc.php, which is reachable through a news action to index.php. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6127 Learn more about CVE-2007-6127 (Project Alumni) |
|
| Tags: cve-2007-6127 project alumni | |
Related Items |
|
|
CVE-2008-1795 (Academic Suite)
|
|
|
WORM_RASTY.A
|
|
|
Gentoo update for dovecot
|
|
|
Xerox WorkCentre Web Server Unspecified Script Insertion
|
|
|
BKDR_DELF.IRS
|
|
|
CVE-2007-6240 (Snitz Forums)
|
|
|
Mandriva: Subject: [Security Announce] [ MDVSA-2008:208 ] pam_mount
|
|
