Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widgets.php, (6) the category parameter to functions/print.php; or (7) the name parameter to functions/ajax.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bananadance banana dance |