Description

SQL injection vulnerability in session.php in DotClear before 1.2.3 allows remote attackers to execute arbitrary SQL commands via the dc_xd parameter in a cookie.

Remediation

References

CVE-2005-3963

Related Vulnerabilities

MySQL CVE-2019-2946 Vulnerability (CVE-2019-2946)

Django Resource Management Errors Vulnerability (CVE-2015-5963)

WordPress Plugin Stripe Payment for WooCommerce Cross-Site Scripting (3.5.9)

WordPress Plugin Easy Twitter Feed Cross-Site Scripting (1.1)

WordPress Plugin CMS Press Cross-Site Scripting (0.2.3)

Severity

High

Classification

CVE-2005-3963

Tags

Missing Update Known Vulnerabilities