Описание
Multiple SQL injection vulnerabilities in aWebNews 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user123 variable in (a) login.php or (b) fpass.php; or (2) cid parameter to (c) visview.php.
Multiple SQL injection vulnerabilities in aWebNews 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user123 variable in (a) login.php or (b) fpass.php; or (2) cid parameter to (c) visview.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1613
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25590
- http://evuln.com/vulns/116/summary.html
- http://secunia.com/advisories/19487
- http://www.osvdb.org/24334
- http://www.osvdb.org/24335
- http://www.osvdb.org/24336
- http://www.securityfocus.com/archive/1/431007/100/0/threaded
- http://www.vupen.com/english/advisories/2006/1196
EPSS
Процентиль: 84%
0.02162
Низкий
CVE ID
Связанные уязвимости
nvd
почти 20 лет назад
Multiple SQL injection vulnerabilities in aWebNews 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user123 variable in (a) login.php or (b) fpass.php; or (2) cid parameter to (c) visview.php.
EPSS
Процентиль: 84%
0.02162
Низкий