Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) userid parameter to (a) profile.php in a "show moreinfo" action; the (2) bildid parameter to (b) picturegallery.php in a shownext action; the (3) id parameter to (c) filebase.php in a freigeben action, (d) schedule.php in a del action, and (e) profile.php in an observe action; and the (4) pmid parameter in a delete action and (5) folderid parameter in a showfolder action to (f) message.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WGCC Web Group Communication Center 多个SQL注入漏洞
Vulnerability Description
Web Group Communication Center (WGCC) 1.0.3 PreRelease 1以及之前的版本存在多个SQL注入漏洞。远程认证用户可以借助(1)"show moreinfo"操作中到(a)profile.php的用户id参数;(2)shownext操作中到(b)picturegallery.php的bildid参数;(3)freigeben操作中到(c)filebase.php的id参数,删除操作中到(d)schedule.php的id参数,observe操作中到(e)pr
CVSS Information
N/A
Vulnerability Type
N/A