SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote malicious users to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vastal phpvid 1.1 |