SQL injection vulnerability in (1) people.php, (2) track.php, (3) edit.php, (4) document.php, (5) census.php, (6) passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands, as demonstrated via (1) the person parameter to people.php or (2) the Login field.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=111143649730845&w=2 | |
http://secunia.com/advisories/14642 | Patch Vendor Advisory |
http://securitytracker.com/id?1013493 | Exploit |
http://www.securityfocus.com/bid/12860 | Exploit |
https://exchange.xforce.ibmcloud.com/vulnerabilities/19787 |
Configurations
History
No history.
Information
Published : 2005-05-02 04:00
Updated : 2024-02-04 16:52
NVD link : CVE-2005-0841
Mitre link : CVE-2005-0841
CVE.ORG link : CVE-2005-0841
JSON object : View
Products Affected
phpmyfamily
- phpmyfamily
CWE