漏洞标题
N/A
漏洞描述信息
在PDF目录1.0之前,存在多个SQL注入漏洞,使得远程攻击者可以通过多个未定义的输入路径(涉及(1)util.php,(2)userpref.php,(3)user.php,(4)uploadfrm.php,(5)title.php,(6)team.php,(7)stats.php,(8)page.php,(9)org.php,(10)member.php,(11)index.php,(12)group.php或(13)anniv.php)执行任意SQL命令。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Multiple SQL injection vulnerabilities in PDFdirectory before 1.0 allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors involving (1) util.php, (2) userpref.php, (3) user.php, (4) uploadfrm.php, (5) title.php, (6) team.php, (7) stats.php, (8) page.php, (9) org.php, (10) member.php, (11) index.php, (12) group.php, or (13) anniv.php.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
PDFDirectory SQL注入漏洞
漏洞描述信息
PDFdirectory 1.0之前版本中的多个SQL注入漏洞,允许远程攻击者通过与以下文件有关的多个未明向量执行任意SQL命令:(1) util.php, (2) userpref.php, (3) user.php, (4) uploadfrm.php, (5) title.php, (6) team.php, (7) stats.php, (8) page.php, (9) org.php, (10) member.php, (11) index.php, (12) group.php或(13) a
CVSS信息
N/A
漏洞类别
SQL注入