Описание
SQL injection vulnerability in default.asp in CodeAvalanche News (CANews) 1.2 allows remote attackers to execute arbitrary SQL commands via the password field.
SQL injection vulnerability in default.asp in CodeAvalanche News (CANews) 1.2 allows remote attackers to execute arbitrary SQL commands via the password field.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-2499
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26586
- http://colander.altervista.org/advisory/CANews.txt
- http://secunia.com/advisories/20171
- http://www.osvdb.org/25652
- http://www.securityfocus.com/archive/1/434730/100/0/threaded
- http://www.securityfocus.com/bid/18031
- http://www.vupen.com/english/advisories/2006/1870
EPSS
Процентиль: 75%
0.00879
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
SQL injection vulnerability in default.asp in CodeAvalanche News (CANews) 1.2 allows remote attackers to execute arbitrary SQL commands via the password field.
EPSS
Процентиль: 75%
0.00879
Низкий