SQL injection vulnerability in search_result.php in Softbiz Web Host Directory Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the host_id parameter, a different vector than CVE-2005-3817.
References
Configurations
Information
Published : 2008-05-06 08:20
Updated : 2018-10-11 13:39
NVD link : CVE-2008-2087
Mitre link : CVE-2008-2087
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
softbiz
- web_hosting_directory_script