CVE-2009-4624

Publication date

2010-01-18 20:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in download.php in Nicecoder iDesk allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2005-3843.