CVE-2006-4585
Summary
SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows remote authenticated users to execute arbitrary SQL commands via the id2 parameter. NOTE: this can be leveraged with other Tr Forum vulnerabilities to allow unauthenticated attackers to gain privileges.
- LOW
- NETWORK
- SINGLE
- COMPLETE
- COMPLETE
- COMPLETE
References
Advisory Timeline
- Published