Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1560

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1560
Last Modified 07 Mar 2011 09:33:18
Published 31 Mar 2006 06:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1560

Summary

Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 allow remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly (1) id and (2) topicid, in (a) browse.php, (b) category.php, (c) gallery.php, (d) poll.php, and (e) possibly other unspecified scripts. NOTE: portions of the description details are obtained from third party information.

Vulnerable Systems

Application

  • Skintech Phpnewsmanager 1.48


References

XF - phpnewsmanager-multiple-sql-injection(25512)

VUPEN - ADV-2006-1152

BID - 17301

MISC - http://evuln.com/vulns/110

BUGTRAQ - 20060410 [eVuln] phpNewsManager Multiple SQL Injections

BUGTRAQ - 20060408 [eVuln] phpNewsManager Multiple SQL Injections

OSVDB - 24268

OSVDB - 24267

OSVDB - 24266

OSVDB - 24265

SREASON - 680

SECUNIA - 19391


Last Updated: 27 May 2016 10:42:06