QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-4698

Back to search

CVE-2009-4698

Published: Mar 15, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in the Qas (aka Quas) module for XOOPS Celepar allow remote attackers to execute arbitrary SQL commands via the codigo parameter to (1) aviso.php and (2) imprimir.php, and the (3) cod_categoria parameter to categoria.php.

VendorProductVersions

n/a

n/a

affected
n/a

References

56593
vdb-entry
x_refsource_OSVDB
35820
vdb-entry
x_refsource_BID
56594
vdb-entry
x_refsource_OSVDB
9261
exploit
x_refsource_EXPLOIT-DB
9249
exploit
x_refsource_EXPLOIT-DB
56595
vdb-entry
x_refsource_OSVDB
celepar-aviso-sql-injection(51985)
vdb-entry
x_refsource_XF
35966
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now