SQL injection vulnerability in client/new_account.php in Domain Technologie Control (DTC) prior to 0.29.16 allows remote malicious users to execute arbitrary SQL commands via the (1) familyname, (2) christname, (3) company_name, (4) is_company, (5) email, (6) phone, (7) fax, (8) addr1, (9) addr2, (10) addr3, (11) zipcode, (12) city, (13) state, (14) country, and (15) vat_num parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gplhost domain technologie control 0.26.9 |
||
gplhost domain technologie control 0.29.1 |
||
gplhost domain technologie control 0.27.3 |
||
gplhost domain technologie control 0.28.10 |
||
gplhost domain technologie control 0.26.8 |
||
gplhost domain technologie control 0.28.2 |
||
gplhost domain technologie control 0.26.7 |
||
gplhost domain technologie control 0.28.3 |
||
gplhost domain technologie control |