Description

SQL injection vulnerability in Boonex Dolphin before 7.1.3 allows remote authenticated users to execute arbitrary SQL commands via the 'pathes' parameter in 'categories.php'.

Remediation

References

CVE-2013-3638

Related Vulnerabilities

WordPress Plugin GorillaForms-Custom Contact Forms Unspecified Vulnerability (2.0.3)

PHP Other Vulnerability (CVE-2007-4507)

MySQL CVE-2019-2946 Vulnerability (CVE-2019-2946)

WordPress Plugin Elementor Website Builder Multiple Vulnerabilities (3.16.4)

Oracle Database Server CVE-2011-3511 Vulnerability (CVE-2011-3511)

Severity

High

Classification

CVE-2013-3638 CWE-138 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities