Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php.
References
Configurations
History
No history.
Information
Published : 2015-01-13 15:59
Updated : 2024-02-28 12:20
NVD link : CVE-2014-100031
Mitre link : CVE-2014-100031
CVE.ORG link : CVE-2014-100031
JSON object : View
Products Affected
ismail_fahmi
- ganesha_digital_library
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')