Multiple SQL injection vulnerabilities in MiniTwitter 0.2 beta, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via the (1) user parameter to (a) index.php and (b) rss.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bioscripts minitwitter 0.2_beta |