Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile action.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-07-16T18:00:00
Updated: 2017-09-28T12:57:01
Reserved: 2008-07-16T00:00:00
Link: CVE-2008-3191
JSON object: View
NVD Information
Status : Modified
Published: 2008-07-16T18:41:00.000
Modified: 2017-09-29T01:31:34.257
Link: CVE-2008-3191
JSON object: View
Redhat Information
No data.
CWE