CVE-2006-6478

Multiple SQL injection vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) email.php, the (2) no parameter in (b) voirannonce.php, the (3) idmembre parameter in (c) admin/admin_membre/fiche_membre.php, and the (4) idannonce parameter in (d) admin/admin_annonce/okvalannonce.php and (e) admin/admin_annonce/changeannonce.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:scriptphp:annoncescripthp:2.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-12-12 00:28

Updated : 2024-02-28 11:01


NVD link : CVE-2006-6478

Mitre link : CVE-2006-6478

CVE.ORG link : CVE-2006-6478


JSON object : View

Products Affected

scriptphp

  • annoncescripthp