
PHPCatalog ID Parameter SQL Injection Vulnerability

A vulnerability has been reported in PHPCatalog that may allow a remote user to inject malicious SQL syntax into database queries. The problem reportedly exists in the URI parameters of PHPCatalog and is caused by insufficient sanitization of user-supplied data. A remote attacker may exploit this issue to influence SQL query logic and have unauthorized SQL queries executed in the database.
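The class of flaw described above, and its fix, shown as an added example that is not PHPCatalog's code: a numeric id taken from the URI is first concatenated into the query text, then validated and bound instead. The table, column and function names are hypothetical, and an in-memory SQLite database (PDO with the pdo_sqlite extension) stands in for the real backend.

```php
<?php
declare(strict_types=1);

// Constructed in-memory catalog; table and column names are assumptions.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT, hidden INTEGER)');
$db->exec("INSERT INTO items VALUES (1, 'Public widget', 0), (2, 'Unlisted widget', 1)");

// Weak pattern: the raw parameter becomes part of the SQL text, so its
// content can change the logic of the query.
function findItemConcatenated(PDO $db, string $rawId): array
{
    $sql = "SELECT id, name FROM items WHERE hidden = 0 AND id = $rawId";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: reject anything that is not a plain positive integer,
// then bind the value so it is never parsed as SQL.
function findItemBound(PDO $db, string $rawId): array
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $stmt = $db->prepare('SELECT id, name FROM items WHERE hidden = 0 AND id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: one well-formed id, one carrying extra SQL syntax.
foreach (['1', '1 OR 1=1'] as $input) {
    $label = "'$input'";
    printf("input %-10s concatenated rows: %d\n", $label, count(findItemConcatenated($db, $input)));
    try {
        printf("input %-10s bound rows: %d\n", $label, count(findItemBound($db, $input)));
    } catch (InvalidArgumentException $e) {
        printf("input %-10s rejected: %s\n", $label, $e->getMessage());
    }
}
```

With the concatenated query the second input also returns the row marked hidden, because the extra syntax rewrites the WHERE clause; the bound version rejects that input before any query runs.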







 

Copyright 2009, SecurityFocus