Описание
SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism.
SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-1078
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56423
- http://www.bugreport.ir/index_68.htm
- http://www.packetstormsecurity.org/1002-exploits/spherecms-sql.txt
- http://www.securityfocus.com/archive/1/509603/100/0/threaded
- http://www.securityfocus.com/bid/38309
Связанные уязвимости
nvd
почти 16 лет назад
SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism.