Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) img.php, (b) file.php, (c) mail.php, (d) thumb.php, (e) zip.php, and (f) zipit.php, and (2) the view parameter to (g) browser.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-11-14T16:00:00
Updated: 2024-08-07T10:40:16.975Z
Reserved: 2008-11-14T00:00:00
Link: CVE-2008-5075
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-11-14T18:08:00.027
Modified: 2024-11-21T00:53:13.913
Link: CVE-2008-5075
Redhat
No data.