CVE-2014-3962 Information

Description

Multiple SQL injection vulnerabilities in Videos Tube 1.0 allow remote attackers to execute arbitrary SQL commands via the url parameter to (1) videocat.php or (2) single.php.

Reference

http://packetstormsecurity.com/files/126866/Videos-Tube-1.0-SQL-Injection.html http://secunia.com/advisories/58844 http://www.exploit-db.com/exploits/33514 http://www.securityfocus.com/bid/67766 Multiple SQL injection vulnerabilities in Videos Tube 1.0 allow remote attackers to execute arbitrary SQL commands via the url parameter to (1) videocat.php or (2) single.php.