Multiple SQL injection vulnerabilities in PHP Dir Submit (aka WebsiteSubmitter and Submitter Script) allow remote attackers to bypass authentication and gain administrative access via the (1) username and (2) password parameters.
References
Configurations
History
No history.
Information
Published : 2009-05-26 16:30
Updated : 2024-02-28 11:21
NVD link : CVE-2009-1787
Mitre link : CVE-2009-1787
CVE.ORG link : CVE-2009-1787
JSON object : View
Products Affected
phpdirsubmit
- php_dir_submit
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')