Security Advisory

CVE-2005-4005

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2005-12-05 01:00:00

Last updated 2024-08-07 23:31:48

Assigner mitre

State PUBLISHED

Description

SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to obtain path information and possibly execute arbitrary SQL commands via the srch_text parameter in a Search and Sort option to messages.php.

← Browse all CVEs View on cve.org ↗