Описание
SQL injection vulnerability in news.php in Fantastic News 2.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter.
SQL injection vulnerability in news.php in Fantastic News 2.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-3846
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23215
- http://pridels0.blogspot.com/2005/11/fantastic-news-category-sql-inj.html
- http://secunia.com/advisories/17758
- http://www.osvdb.org/21162
- http://www.securityfocus.com/bid/15622
- http://www.vupen.com/english/advisories/2005/2595
EPSS
Процентиль: 71%
0.00677
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
SQL injection vulnerability in news.php in Fantastic News 2.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter.
EPSS
Процентиль: 71%
0.00677
Низкий