Vulnerabilities > Campware ORG > Campsite > 3.2.3

DATE CVE VULNERABILITY TITLE RISK
2010-05-07 CVE-2010-1867 SQL Injection vulnerability in Campware.Org Campsite
SQL injection vulnerability in the ArticleAttachment::GetAttachmentsByArticleNumber method in javascript/tinymcs/plugins/campsiteattachment/attachments.php in Campsite 3.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the article_id parameter.
network
low complexity
campware-org CWE-89
7.5
7.5