Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote attackers to execute arbitrary SQL commands via the thold parameter to (1) comments.php or (2) pollcomments.php.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Npds |
Npds |
5.0 |
5.0 |
Npds |
Npds |
4.8 |
4.8 |
References