Описание
Multiple SQL injection vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to (a) cat.asp, or the (2) keyword, (3) order, (4) sort, (5) menuSelect, or (6) state parameter to (b) search.asp.
Multiple SQL injection vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to (a) cat.asp, or the (2) keyword, (3) order, (4) sort, (5) menuSelect, or (6) state parameter to (b) search.asp.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-6152
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30444
- http://s-a-p.ca/index.php?page=OurAdvisories&id=47
- http://secunia.com/advisories/22987
- http://securityreason.com/securityalert/1926
- http://securitytracker.com/id?1017259
- http://www.securityfocus.com/archive/1/452179/100/100/threaded
- http://www.securityfocus.com/bid/21190
EPSS
CVE ID
Связанные уязвимости
Multiple SQL injection vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to (a) cat.asp, or the (2) keyword, (3) order, (4) sort, (5) menuSelect, or (6) state parameter to (b) search.asp.
EPSS