Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to postcomment.php and the (2) album parameter to gallery.php.
References
Configurations
History
21 Nov 2024, 00:41
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/28560 - | |
References | () http://securityreason.com/securityalert/3553 - | |
References | () http://www.securityfocus.com/archive/1/486492/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/27335 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/39746 - |
Information
Published : 2008-01-18 22:00
Updated : 2024-11-21 00:41
NVD link : CVE-2008-0363
Mitre link : CVE-2008-0363
CVE.ORG link : CVE-2008-0363
JSON object : View
Products Affected
clever_copy
- clever_copy
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')