CVE-2005-3744

SQL injection vulnerability in index.php in phpComasy 0.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: an examination of the 0.7.5 source code suggests that there is no id parameter being handled directly by index.php.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:phpcomasy:phpcomasy:*:*:*:*:*:*:*:*
cpe:2.3:a:phpcomasy:phpcomasy:0.7.4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2005-11-22 11:03

Updated : 2024-02-04 16:52


NVD link : CVE-2005-3744

Mitre link : CVE-2005-3744

CVE.ORG link : CVE-2005-3744


JSON object : View

Products Affected

phpcomasy

  • phpcomasy
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')