Описание
Multiple SQL injection vulnerabilities in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) loginvar parameter in (a) admin/admin.php, and the (2) news and (3) nom parameters in (b) news.php.
Multiple SQL injection vulnerabilities in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) loginvar parameter in (a) admin/admin.php, and the (2) news and (3) nom parameters in (b) news.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1543
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25529
- http://secunia.com/advisories/19435
- http://www.evuln.com/vulns/112
- http://www.osvdb.org/24273
- http://www.osvdb.org/24274
- http://www.securityfocus.com/archive/1/430674/100/0/threaded
- http://www.securityfocus.com/bid/17316
- http://www.vupen.com/english/advisories/2006/1173
EPSS
CVE ID
Связанные уязвимости
Multiple SQL injection vulnerabilities in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) loginvar parameter in (a) admin/admin.php, and the (2) news and (3) nom parameters in (b) news.php.
EPSS