Multiple SQL injection vulnerabilities in PDFdirectory before 1.0 allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors involving (1) util.php, (2) userpref.php, (3) user.php, (4) uploadfrm.php, (5) title.php, (6) team.php, (7) stats.php, (8) page.php, (9) org.php, (10) member.php, (11) index.php, (12) group.php, or (13) anniv.php.
References
Link | Resource |
---|---|
http://secunia.com/advisories/18459 | Patch Vendor Advisory |
http://sourceforge.net/project/shownotes.php?release_id=382411&group_id=122682 | Patch |
http://www.osvdb.org/22403 | Patch |
http://www.osvdb.org/22404 | Patch |
http://www.osvdb.org/22405 | Patch |
http://www.osvdb.org/22406 | Patch |
http://www.osvdb.org/22407 | Patch |
http://www.osvdb.org/22408 | Patch |
http://www.osvdb.org/22409 | Patch |
http://www.osvdb.org/22410 | Patch |
http://www.osvdb.org/22411 | Patch |
http://www.osvdb.org/22412 | Patch |
http://www.osvdb.org/22413 | Patch |
http://www.osvdb.org/22414 | Patch |
http://www.osvdb.org/22415 | Patch |
http://www.securityfocus.com/bid/16273 | Patch |
http://www.vupen.com/english/advisories/2006/0231 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2006-01-19 01:03
Updated : 2011-03-08 02:29
NVD link : CVE-2006-0313
Mitre link : CVE-2006-0313
CVE.ORG link : CVE-2006-0313
JSON object : View
Products Affected
pdfdirectory
- pdfdirectory
CWE