CVE-2008-6274

CVE-2008-6274 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in index.php in FamilyProject 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the logmbr parameter (aka login field) or (2) the mdpmbr parameter (aka pass or "Mot de passe" field). NOTE: some of these details are obtained from third party information.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.