|
CVE Reference: CVE-2007-3526
|
|
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.
|
|
Original Page at CVE MITRE:
CVE-2007-3526
|
|
Description:
Multiple SQL injection vulnerabilities in Buddy Zone 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the news_id parameter to view_news.php, (2) the cat_id parameter to view_events.php, or (3) the member_id parameter to video_gallery.php.
|
|
CVE Status:
Candidate
|
|
References:
XF http://xforce.iss.net/xforce/xfdb/35187
OSVDB 38960 38961 38962
MILW0RM http://www.milw0rm.com/exploits/4128
BID 24726
|
|
|
Return to the previous page.
|