CVE-2009-2926

Publication date

2009-08-21 20:21:00

Family

mitre

State

PUBLISHED

Description

Multiple SQL injection vulnerabilities in PHP Competition System BETA 0.84 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) day parameter to show_matchs.php and (2) pageno parameter to persons.php.