Multiple SQL injection vulnerabilities in Land Down Under (LDU) 801 and earlier allow remote attackers to execute arbitrary SQL commands via the c parameter to (1) events.php, (2) index.php, or (3) list.php.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Land_down_under | Neocrome | 700.01 | 700.01 |
Land_down_under | Neocrome | 700.04 | 700.04 |
Land_down_under | Neocrome | 701 | 701 |
Land_down_under | Neocrome | 801 | 801 |
Land_down_under | Neocrome | 700.02 | 700.02 |
Land_down_under | Neocrome | 700.03 | 700.03 |
Land_down_under | Neocrome | 800 | 800 |
Land_down_under | Neocrome | 700.05 | 700.05 |