Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an artikel action or (2) the katid parameter in a produk action.
References
Configurations
Information
Published : 2007-11-15 14:46
Updated : 2017-09-28 18:29
NVD link : CVE-2007-6004
Mitre link : CVE-2007-6004
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
toko
- instan