Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php.
References
Configurations
History
No history.
Information
Published : 2008-05-21 13:24
Updated : 2024-02-28 11:21
NVD link : CVE-2008-2394
Mitre link : CVE-2008-2394
CVE.ORG link : CVE-2008-2394
JSON object : View
Products Affected
tagworx
- tagworx_cms
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')