Описание
SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows remote attackers to execute arbitrary SQL commands via the haber_id parameter. NOTE: this product has also been referred to as "Cilem News," although that does not appear to be the proper name.
SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows remote attackers to execute arbitrary SQL commands via the haber_id parameter. NOTE: this product has also been referred to as "Cilem News," although that does not appear to be the proper name.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0961
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24920
- https://www.exploit-db.com/exploits/1562
- http://archives.neohapsis.com/archives/bugtraq/2006-02/0449.html
- http://marc.info/?l=full-disclosure&m=114079912721723&w=2
- http://secunia.com/advisories/19157
- http://securitytracker.com/id?1015677
- http://www.nukedx.com/?viewdoc=10
- http://www.osvdb.org/23618
- http://www.securityfocus.com/bid/16813
- http://www.vupen.com/english/advisories/2006/0881
Связанные уязвимости
SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows remote attackers to execute arbitrary SQL commands via the haber_id parameter. NOTE: this product has also been referred to as "Cilem News," although that does not appear to be the proper name.