CVE-2008-5895

Publication date

2009-01-12 19:27:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in connection.php in Mediatheka 4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter.