SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action.
References
Configurations
Information
Published : 2008-04-29 17:10
Updated : 2017-09-28 18:30
NVD link : CVE-2008-2012
Mitre link : CVE-2008-2012
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
postnuke_software_foundation
- postschedule