CVE-2006-4072
Summary
Multiple SQL injection vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 allow remote attackers to execute arbitrary SQL commands via the (1) haber_id parameter to haber_detay.asp, and allow remote authenticated users to execute arbitrary SQL commands via the (2) menu_id parameter to menu.asp.
- LOW
- NETWORK
- SINGLE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published