Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to execute arbitrary SQL commands via the "n" parameter to (1) browse_videos.php or (2) members.php. NOTE: the cat parameter is already covered by CVE-2008-4157.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2013-08-19T20:00:00Z
Updated: 2024-09-16T18:23:48.504Z
Reserved: 2013-08-19T00:00:00Z
Link: CVE-2013-5311
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-08-19T21:10:42.513
Modified: 2024-11-21T01:57:17.233
Link: CVE-2013-5311
Redhat
No data.