Back to search
CVE-2008-6618
Published: Apr 6, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote attackers to execute arbitrary SQL commands via the teacher_id parameter in (1) class/HomepageMain.php and (2) class/HomepageTop.php, and (3) the message_id parameter in class/MessageReply.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
30365
third-party-advisory
x_refsource_SECUNIA
45640
vdb-entry
x_refsource_OSVDB
20080526 Class System v2.3 Multiple Remote Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
classsystem-teacherid-sql-injection(42650)
vdb-entry
x_refsource_XF
http://www.chroot.org/exploits/chroot_uu_005
x_refsource_MISC
29372
vdb-entry
x_refsource_BID
45639
vdb-entry
x_refsource_OSVDB
ADV-2008-1664
vdb-entry
x_refsource_VUPEN
45641
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now