CVE-2008-0649

SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remote attackers to execute arbitrary SQL commands via the link_id parameter.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:adp:astanda_directory_project:1.2:*:*:*:*:*:*:*
cpe:2.3:a:adp:astanda_directory_project:1.3:*:*:*:*:*:*:*

History

21 Nov 2024, 00:42

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/27646 - () http://www.securityfocus.com/bid/27646 -
References () https://www.exploit-db.com/exploits/5071 - () https://www.exploit-db.com/exploits/5071 -

Information

Published : 2008-02-07 21:00

Updated : 2024-11-21 00:42


NVD link : CVE-2008-0649

Mitre link : CVE-2008-0649

CVE.ORG link : CVE-2008-0649


JSON object : View

Products Affected

adp

  • astanda_directory_project
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')