CVE-2006-3111

CVE-2006-3111

EPSS 1.3%

Multiple SQL injection vulnerabilities in main.php in Chipmailer 1.09 allow remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by (1) anfang, (2) name, (3) mail, (4) anrede, (5) vorname, (6) nachname, (7) gebtag, (8) gebmonat, and (9) gebjahr.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://marc.info/?l=bugtraq&m=115024576618386&w=2 http://secunia.com/advisories/20643 http://securitytracker.com/id?1016315 https://exchange.xforce.ibmcloud.com/vulnerabilities/27158 http://www.securityfocus.com/bid/18463 http://www.vupen.com/english/advisories/2006/2359