CVE-2005-0292 Information

Feb 14, 2021 cve

Description

Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry (phpGiftReg) 1.4.0 and possibly other versions before 1.5.0b1 allow remote attackers to execute arbitrary SQL commands via the (1) messageid (2) shopper (3) shopfor or (4) itemid parameters.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030965.html http://marc.info/?l=bugtraq&m=110599710017066&w=2 http://secunia.com/advisories/13873 http://securitytracker.com/id?1012910 http://www.securityfocus.com/archive/1/392485 http://www.securityfocus.com/bid/12289 https://exchange.xforce.ibmcloud.com/vulnerabilities/18925

Share on: