SQL injection vulnerability in search.php in VCD-db 0.98 and earlier allows remote attackers to execute arbitrary SQL commands via the by parameter.
Software | From | Fixed in |
---|---|---|
vcd-db / vcd-db | 0.961 | 0.961.x |
vcd-db / vcd-db | 0.97 | 0.97.x |
vcd-db / vcd-db | 0.971 | 0.971.x |
vcd-db / vcd-db | 0.972 | 0.972.x |
vcd-db / vcd-db | 0.973 | 0.973.x |
vcd-db / vcd-db | 0.98 | 0.98.x |