CVE-2006-2763
CVE-2006-2763
SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. It is possible that this is primary to CVE-2006-2678.
Productos afectados
n/a · n/aPoCs públicas encontradas — 2
cve_referencewww.exploit-db.com/exploits/5803no verificadoexploitdbwww.exploit-db.com/exploits/3841no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://secunia.com/advisories/20284https://exchange.xforce.ibmcloud.com/vulnerabilities/34035https://exchange.xforce.ibmcloud.com/vulnerabilities/43070https://www.exploit-db.com/exploits/5803http://www.osvdb.org/26073http://www.osvdb.org/26074http://www.osvdb.org/26075http://www.osvdb.org/26076http://www.osvdb.org/26077http://www.osvdb.org/26078http://www.osvdb.org/26079http://www.securityfocus.com/archive/1/493369/100/0/threaded