SQL injection vulnerability in (1) index.php, and possibly (2) admin/index.php, in Falt4Extreme RC4 10.9.2007 allows remote attackers to execute arbitrary SQL commands via the nav_ID parameter.
References
Configurations
History
No history.
Information
Published : 2007-12-11 21:46
Updated : 2024-02-04 17:13
NVD link : CVE-2007-6311
Mitre link : CVE-2007-6311
CVE.ORG link : CVE-2007-6311
JSON object : View
Products Affected
falt4_cms
- falt4_extreme_rc4
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')