Multiple SQL injection vulnerabilities in Land Down Under (LDU) 801 and earlier allow remote attackers to execute arbitrary SQL commands via the c parameter to (1) events.php, (2) index.php, or (3) list.php.
Software | From | Fixed in |
---|---|---|
neocrome / land_down_under | 700.01 | 700.01.x |
neocrome / land_down_under | 700.02 | 700.02.x |
neocrome / land_down_under | 700.03 | 700.03.x |
neocrome / land_down_under | 700.04 | 700.04.x |
neocrome / land_down_under | 700.05 | 700.05.x |
neocrome / land_down_under | 701 | 701.x |
neocrome / land_down_under | 800 | 800.x |
neocrome / land_down_under | 801 | 801.x |