Multiple SQL injection vulnerabilities in index.php in NewsPHP allow remote attackers to execute arbitrary SQL commands via the (1) discuss, (2) tim, (3) id, (4) last, and (5) limit parameter.
References
Configurations
History
No history.
Information
Published : 2006-01-25 11:03
Updated : 2024-02-04 16:52
NVD link : CVE-2006-0413
Mitre link : CVE-2006-0413
CVE.ORG link : CVE-2006-0413
JSON object : View
Products Affected
newsphp
- newsphp
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')