SQL Injection Vulnerability in Powie pFile Product by Powie
CVE-2012-1210

Currently unrated

Key Information:

Vendor: Powie
Status: Pfile
Vendor: CVE Published:; 24 February 2012

What is CVE-2012-1210?

The SQL injection vulnerability in pfile/file.php of Powie pFile 1.02 enables remote attackers to manipulate SQL queries by injecting arbitrary SQL code through the id parameter. This flaw poses a significant risk as it can potentially allow unauthorized access to sensitive data or enable the execution of unintended commands within the database.

References

http://packetstormsecurity.org/files/109670/Pfile-1.02-Cr...

x_refsource_MISC

http://www.securityfocus.com/bid/51982

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/73166

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 24, 2012
Vulnerability Reserved
Feb 20, 2012

CVE-2012-1210 Data

JSON