CVE-2009-3500

Publication date

2009-09-30 15:00:00

Family

mitre

State

PUBLISHED

Description

Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php.