Back to search
CVE-2005-0292
Published: Feb 10, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry (phpGiftReg) 1.4.0, and possibly other versions before 1.5.0b1, allow remote attackers to execute arbitrary SQL commands via the (1) messageid, (2) shopper, (3) shopfor, or (4) itemid parameters.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
12289
vdb-entry
x_refsource_BID
1012910
vdb-entry
x_refsource_SECTRACK
phpgiftregistry-sql-injection(18925)
vdb-entry
x_refsource_XF
20050307 Re: phpGiftReq SQL Injection
mailing-list
x_refsource_BUGTRAQ
13873
third-party-advisory
x_refsource_SECUNIA
20050116 phpGiftReq SQL Injection
mailing-list
x_refsource_BUGTRAQ
20050116 phpGiftReq SQL Injection
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now