 | |
| |||||||
| Home | Register | Projects | Blogs | FAQ | Calendar | Search | Today's Posts | Mark Forums Read | Free Directory | Free DNSReport | Tags |
| Notices |
| Advisories Discuss about all newly security flaws classed by CVE entries and reviewed by security experts |
CVE-2008-2678 (Telephone Directory 2008)This is a discussion on "CVE-2008-2678 (Telephone Directory 2008)" within the Advisories part of the Computer Security: Discussions section; Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) code parameter in a confirm_data action to edit1.php and the (2) id parameter to view_more.php. ... |
 |
| | LinkBack | Thread Tools | Display Modes |
12-06-08
| |||
| |||
 CVE-2008-2678 (Telephone Directory 2008) Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) code parameter in a confirm_data action to edit1.php and the (2) id parameter to view_more.php. More...  |
| Sponsor | ||
| ||
| |
|
| Thread Tools | |
| Display Modes | |
Linear Mode
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| CVE-2008-2677 (Telephone Directory 2008) | Heap | Advisories | 0 | 12-06-08 16:36 |
| Telephone Directory 2008 Arbitrary Delete Contact Exploit | Heap | Public | 0 | 10-06-08 04:40 |
| Telephone Directory 2008 (SQL/XSS) Multiple Remote Vulnerabilities | Heap | Public | 0 | 09-06-08 19:58 |
