Security Advisory

CVE-2009-3148

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-09-10 18:00:00

Last updated 2024-08-07 06:14:56

Assigner mitre

State PUBLISHED

Description

Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) calendar.php, (2) news.php, and (3) links.php; and the (4) assignment_id parameter to assignments.php.

← Browse all CVEs View on cve.org ↗