Описание
Multiple SQL injection vulnerabilities in CzarNews 1.14 allow remote attackers to execute arbitrary SQL commands via the (1) usern or (2) passw parameters to (a) cn_auth.php, (3) s parameter to (b) news.php, or (4) a parameter to (c) dpost.php.
Multiple SQL injection vulnerabilities in CzarNews 1.14 allow remote attackers to execute arbitrary SQL commands via the (1) usern or (2) passw parameters to (a) cn_auth.php, (3) s parameter to (b) news.php, or (4) a parameter to (c) dpost.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1641
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25624
- http://evuln.com/vulns/118/summary.html
- http://secunia.com/advisories/19541
- http://securitytracker.com/id?1015957
- http://www.osvdb.org/24382
- http://www.osvdb.org/24383
- http://www.osvdb.org/24384
- http://www.securityfocus.com/archive/1/431132/100/0/threaded
- http://www.securityfocus.com/bid/17380
- http://www.vupen.com/english/advisories/2006/1237
EPSS
Процентиль: 79%
0.01294
Низкий
CVE ID
Связанные уязвимости
nvd
почти 20 лет назад
Multiple SQL injection vulnerabilities in CzarNews 1.14 allow remote attackers to execute arbitrary SQL commands via the (1) usern or (2) passw parameters to (a) cn_auth.php, (3) s parameter to (b) news.php, or (4) a parameter to (c) dpost.php.
EPSS
Процентиль: 79%
0.01294
Низкий