CVE-2008-5075

Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) img.php, (b) file.php, (c) mail.php, (d) thumb.php, (e) zip.php, and (f) zipit.php, and (2) the view parameter to (g) browser.php.
Configurations

Configuration 1

cpe:2.3:a:scriptsfrenzy:e-uploader_pro:1.0:*:*:*:*:*:*:*

Information

Published : 2008-11-14 06:08

Updated : 2017-09-29 01:32


NVD link : CVE-2008-5075

Mitre link : CVE-2008-5075

Products Affected
No products.
CWE