CVE-2008-1968

Publication date

2008-04-27 18:00:00

Family

mitre

State

PUBLISHED

Description

Multiple SQL injection vulnerabilities in Cezanne 7 allow remote authenticated users to execute arbitrary SQL commands via the FUNID parameter to (1) CFLookup.asp and (2) CznCommon/CznCustomContainer.asp.