Multiple SQL injection vulnerabilities in add2.php in Sava's Guestbook 23.11.2006, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) country, (3) email, (4) website, and (5) message parameters.
References
Configurations
Information
Published : 2007-03-06 16:19
Updated : 2018-10-16 09:37
NVD link : CVE-2007-1304
Mitre link : CVE-2007-1304
JSON object : View
CWE
Products Affected
savas_place
- savas_guestbook