Description
SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in an edit action.
Exploits (1)
References (1)
Core 1
Core References
Exploit mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-04/0110.html
Scores
EPSS
0.0026
EPSS Percentile
49.1%
Details
CWE
CWE-89
Status
published
Products (1)
ryan_walberg/php_gift_registry
1.5.5
Published
Apr 20, 2012
Tracked Since
Feb 18, 2026