CVE-2007-1575 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-1575
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1575

Description: Multiple SQL injection vulnerabilities in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via (1) unspecified vectors to the (a) calendar and (2) search modules, and an (2) unspecified cookie when the user logs out.

CVE Status: Candidate

References: SREASON http://securityreason.com/securityalert/2466 SAID Secunia Advisory: SA24509 Secunia Advisory: SA25748 MISC http://www.nruns.com/security_advisory_phprojekt_sql_injection.php GENTOO http://security.gentoo.org/glsa/glsa-200706-07.xml CONFIRM http://www.phprojekt.com/index.php?name=News&file=article&sid=276 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/462789/100/0/threaded BID 22955

Return to the previous page.