Back to search
CVE-2008-1726
Published: Apr 11, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext.php and (b) articletextonly.php and the (2) username parameter to (c) logincheck.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
28713
vdb-entry
x_refsource_BID
44256
vdb-entry
x_refsource_OSVDB
44255
vdb-entry
x_refsource_OSVDB
5421
exploit
x_refsource_EXPLOIT-DB
28716
vdb-entry
x_refsource_BID
29716
third-party-advisory
x_refsource_SECUNIA
44254
vdb-entry
x_refsource_OSVDB
knowledgequest-kqid-username-sql-injection(41746)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now