MidnightBSD

Advisories for topicsviewer

CVE-2014-10023 HIGH

Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.php, or (4) rmv_topic.php in admincp/.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
topicsviewer topicsviewer 3.0