Vulnerabilities > TLM CMS > TLM CMS > 1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-09-11 | CVE-2007-4808 | SQL Injection vulnerability in TLM CMS TLM CMS 1.1/3.2 Multiple SQL injection vulnerabilities in TLM CMS 3.2 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to news.php in a lirenews action, (2) the idnews parameter to goodies.php in a lire action, (3) the id parameter to file.php in a voir action, (4) the ID parameter to affichage.php, (5) the id_sal parameter to mod_forum/afficher.php, or (6) the id_sujet parameter to mod_forum/messages.php. | 7.5 |