CVE-2009-4798 Information
Feb 14, 2021
cve
Description
Multiple SQL injection vulnerabilities in Diskos CMS 6.x allow remote attackers to execute arbitrary SQL commands via the (1) kat parameter to side.asp and the (2) brugerid and (3) password fields to the administration login feature.
Reference
http://secunia.com/advisories/34540 http://www.exploit-db.com/exploits/8307 http://www.securityfocus.com/bid/34289 https://exchange.xforce.ibmcloud.com/vulnerabilities/49509 https://exchange.xforce.ibmcloud.com/vulnerabilities/49510
Share on: