SQL Injection Vulnerability in MyCard by MyCard Technologies
CVE-2008-4738

Currently unrated

Key Information:

Vendor: Tufat
Status: Mycard
Vendor: CVE Published:; 24 October 2008

What is CVE-2008-4738?

A vulnerability exists in MyCard 1.0.2, specifically within the gallery.php file, that allows remote attackers to execute arbitrary SQL commands through manipulation of the 'id' parameter. This security flaw can lead to unauthorized data access and potential compromise of the database, making it critical for users to implement mitigation strategies to safeguard their applications.

References

http://secunia.com/advisories/32039

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/31447

vdb-entryx_refsource_BID

http://securityreason.com/securityalert/4476

third-party-advisoryx_refsource_SREASON

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 24, 2008
Vulnerability Reserved
Oct 24, 2008

Tufat

What is CVE-2008-4738?

References

Timeline