Multiple SQL injection vulnerabilities in WSN Knowledge Base 1.2.0 and earler allow remote malicious users to execute arbitrary SQL commands via the (1) catid, (2) perpage, (3) ascdesc, and (4) orderlinks in a displaycat action in (a) index.php; and the (5) id parameter in (b) comments.php and (c) memberlist.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wsn knowledge base wsn knowledge base |