SQL injection vulnerability in archives.php in Gregory Kokanosky (aka Greg's Place) phpMyNewsletter 0.8 beta 5 and earlier allows remote attackers to execute arbitrary SQL commands via the msg_id parameter.
References
Configurations
History
No history.
Information
Published : 2008-03-12 17:44
Updated : 2024-02-28 11:01
NVD link : CVE-2008-1295
Mitre link : CVE-2008-1295
CVE.ORG link : CVE-2008-1295
JSON object : View
Products Affected
gregory_kokanosky
- phpmynewsletter
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')