CVE-2006-0602

CVE-2006-0602

EPSS 2.2%

Multiple SQL injection vulnerabilities in Hinton Design phphg Guestbook 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) username parameter to check.php or the id parameter to (2) admin/edit_smilie.php, (3) admin/add_theme.php, (4) admin/ban_ip.php, (5) admin/add_lang.php, or (6) admin/edit_filter.php.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://evuln.com/vulns/58/summary.html http://secunia.com/advisories/18758 http://securitytracker.com/id?1015620 http://www.securityfocus.com/archive/1/424740/100/0/threaded http://www.securityfocus.com/bid/16541 http://www.vupen.com/english/advisories/2006/0480