CVE-2004-2567 Information

Description

Multiple SQL injection vulnerabilities in ReciPants 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) user id (2) recipe id (3) category id and (4) other ID number fields.

Reference

http://secunia.com/advisories/11533 http://securitytracker.com/id?1009984 http://sourceforge.net/project/shownotes.php?group_id=90737&release_id=234415 http://www.securityfocus.com/bid/10250 https://exchange.xforce.ibmcloud.com/vulnerabilities/16024