Vulnonym.org

CVE-2005-0292 - Warranted Ainu Dog

Description

Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry (phpGiftReg) 1.4.0 and possibly other versions before 1.5.0b1 allow remote attackers to execute arbitrary SQL commands via the (1) messageid (2) shopper (3) shopfor or (4) itemid parameters.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030965.html http://www.securityfocus.com/archive/1/392485 http://www.securityfocus.com/bid/12289 http://secunia.com/advisories/13873 http://securitytracker.com/id?1012910 http://marc.info/?l=bugtraq&m=110599710017066&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18925