SQL injection vulnerability in save.php in PHPSurveyor 0.995 and previous versions allows remote malicious users to execute arbitrary SQL commands via the surveyid cookie. NOTE: this issue could be leveraged to execute arbitrary PHP code, as demonstrated by inserting directory traversal sequences into the database, which are then processed by the thissurvey['language'] variable.
Vulnerable Product |
---|
phpsurveyor phpsurveyor 0.97_beta |
phpsurveyor phpsurveyor 0.98_beta |
phpsurveyor phpsurveyor 0.98_stable |
phpsurveyor phpsurveyor 0.99 |
phpsurveyor phpsurveyor 0.991 |
phpsurveyor phpsurveyor 0.992 |
phpsurveyor phpsurveyor 0.96_beta |
phpsurveyor phpsurveyor 0.993 |
phpsurveyor phpsurveyor 0.995 |