Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) img.php, (b) file.php, (c) mail.php, (d) thumb.php, (e) zip.php, and (f) zipit.php, and (2) the view parameter to (g) browser.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-11-14T16:00:00
Updated: 2017-09-28T12:57:01
Reserved: 2008-11-14T00:00:00
Link: CVE-2008-5075
JSON object: View
NVD Information
Status : Modified
Published: 2008-11-14T18:08:00.027
Modified: 2017-09-29T01:32:28.227
Link: CVE-2008-5075
JSON object: View
Redhat Information
No data.
CWE