CVE-2006-5914

EPSS 1.2%

SQL injection vulnerability in ls.php in SAMEDIA LandShop allows remote attackers to execute arbitrary SQL commands via the infield parameter. NOTE: the start, search_order, search_type, and search_area parameters are already covered by CVE-2005-4018.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/28951unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/22784 http://securityreason.com/securityalert/1864 https://exchange.xforce.ibmcloud.com/vulnerabilities/30164 http://www.securityfocus.com/archive/1/451059/100/0/threaded http://www.securityfocus.com/bid/20989 http://www.vupen.com/english/advisories/2006/4450