Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) CMS 1.2.14 allow remote attackers to execute arbitrary SQL commands via (1) the mid parameter in an faqviewgroup action in the FAQ Modules, (2) the cid parameter in the EZSHOPINGCART Modules, or (3) the gid parameter in a view action in the GALLERY Modules.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-08-08T01:52:00
Updated: 2024-08-07T14:46:39.385Z
Reserved: 2007-08-07T00:00:00
Link: CVE-2007-4210
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-08-08T02:17:00.000
Modified: 2024-11-21T00:35:03.090
Link: CVE-2007-4210
Redhat
No data.