Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0413

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0413
Last Modified 08 Sep 2011 12:00:00
Published 25 Jan 2006 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0413

Summary

Multiple SQL injection vulnerabilities in index.php in NewsPHP allow remote attackers to execute arbitrary SQL commands via the (1) discuss, (2) tim, (3) id, (4) last, and (5) limit parameter.

Vulnerable Systems

Application

  • Newsphp


References

XF - newsphp-index-sql-injection(24320)

VUPEN - ADV-2006-0341

BID - 16339

BUGTRAQ - 20060122 Newsphp Multiple SQL Injection Vulnerabilities

OSVDB - 22717

SECUNIA - 18624


Last Updated: 27 May 2016 10:41:38