CVE-2006-1837

Properties

Published:
18.04.2006
Updated:
20.04.2006
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Product:
Clanscripte.net: Fuju News

Vulnerability description

SQL injection vulnerability in archiv2.php in Fuju News 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.

References:

http://milw0rm.com/exploits/1682: http://milw0rm.com/exploits/1682
BID: http://www.securityfocus.com/bid/17572
FRSIRT: http://www.frsirt.com/english/advisories/2006/1374
SECUNIA: http://secunia.com/advisories/19677