SQL injection vulnerability in download.php in Nicecoder iDesk allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2005-3843.
References
Configurations
History
No history.
Information
Published : 2010-01-18 20:30
Updated : 2024-02-04 17:54
NVD link : CVE-2009-4624
Mitre link : CVE-2009-4624
CVE.ORG link : CVE-2009-4624
JSON object : View
Products Affected
nicecoder
- idesk
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')