Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the (1) ArticleID or (2) LibraryID parameter.
References
Configurations
History
No history.
Information
Published : 2011-10-08 10:55
Updated : 2024-02-28 11:41
NVD link : CVE-2010-4916
Mitre link : CVE-2010-4916
CVE.ORG link : CVE-2010-4916
JSON object : View
Products Affected
coldgen
- coldusergroup
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')