1 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. Vulnerabilidad de inyección SQL en comment.php de PHP Knowledge Base (PHPKB) 1.5 y 2.0 permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro ID. • https://www.exploit-db.com/exploits/5428 https://www.exploit-db.com/exploits/12561 http://secunia.com/advisories/29791 http://www.securityfocus.com/bid/28739 https://exchange.xforce.ibmcloud.com/vulnerabilities/41769 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •