← volver
CVE-2006-3799

CVE-2006-3799

EPSS 1.4%
DeluxeBB 1.07 and earlier allows remote attackers to bypass SQL injection protection mechanisms via the login variable and certain other variables, by using lowercase "union select" or possibly other statements that do not match the uppercase "UNION SELECT."
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047989.htmlhttp://secunia.com/advisories/21116http://securityreason.com/securityalert/1254http://www.securityfocus.com/archive/1/440435/100/0/threadedhttp://www.securityfocus.com/bid/19052http://www.vupen.com/english/advisories/2006/2879