CVE-2007-6373 Information

Description

Multiple SQL injection vulnerabilities in GestDown 1.00 Beta allow remote attackers to execute arbitrary SQL commands via the (1) categorie parameter to catdownload.php or the id parameter to (2) download.php or (3) hitcounter.php.

Reference

http://marc.info/?l=bugtraq&m=119730791316604&w=2 http://www.securityfocus.com/bid/26799 https://exchange.xforce.ibmcloud.com/vulnerabilities/38945