Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) calendar.php, (2) news.php, and (3) links.php; and the (4) assignment_id parameter to assignments.php.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-09-10T18:00:00

Updated: 2024-08-07T06:14:56.396Z

Reserved: 2009-09-10T00:00:00

Link: CVE-2009-3148

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-09-10T18:30:00.297

Modified: 2024-11-21T01:06:38.343

Link: CVE-2009-3148

cve-icon Redhat

No data.