Описание
SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately reported that ActiveKB 1.5 is also affected.
SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately reported that ActiveKB 1.5 is also affected.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-5131
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36831
- https://www.exploit-db.com/exploits/4459
- http://osvdb.org/39624
- http://securityvulns.ru/Rdocument901.html
- http://www.securityfocus.com/archive/1/482006/100/0/threaded
- http://www.securityfocus.com/bid/25820
Связанные уязвимости
nvd
больше 18 лет назад
SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately reported that ActiveKB 1.5 is also affected.