SQL injection vulnerability in songinfo.php in Tunez 1.21 and earlier allows remote attackers to execute arbitrary SQL commands via the song_id parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Tunez | Tunez | 1.20 | 1.20 |
Tunez | Tunez | 1.21 | 1.21 |
Tunez | Tunez | 0.4 | 0.4 |
Tunez | Tunez | 0.9 | 0.9 |
Tunez | Tunez | 1.15 | 1.15 |
Tunez | Tunez | 0.3 | 0.3 |
Tunez | Tunez | 0.7 | 0.7 |
Tunez | Tunez | 1.0.0 | 1.0.0 |
Tunez | Tunez | 1.1 | 1.1 |
Tunez | Tunez | 0.1 | 0.1 |
Tunez | Tunez | 0.5 | 0.5 |
Tunez | Tunez | 0.2 | 0.2 |
Tunez | Tunez | 0.5.5 | 0.5.5 |