|
|
CVE Reference: CVE-2005-2398 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-2398 |
|
|
Description: Multiple SQL injection vulnerabilities in PHP Surveyor 0.98 allows remote attackers to execute arbitrary SQL commands via (1) the sid, start, and id parameters to browse.php, the sid parameter to (2) dataentry.php, (3) export.php, (4) admin.php, (5) conditions.php, (6) spss.php, (7) deletesurvey.php, (8) dumpsurvey.php, or (9) statistics.php, or the lid parameter to (10) labels.php or (11) dumplabel.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/21444 ST 1014538 SAID Secunia Advisory: SA16123 OSVDB 18108 18107 18106 18105 18104 18103 18102 18101 18100 18099 18098 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=112188282401681&w=2 BID 14331 |
|
| Return to the previous page. |
