Multiple SQL injection vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) email.php, the (2) no parameter in (b) voirannonce.php, the (3) idmembre parameter in (c) admin/admin_membre/fiche_membre.php, and the (4) idannonce parameter in (d) admin/admin_annonce/okvalannonce.php and (e) admin/admin_annonce/changeannonce.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-12-12T00:00:00
Updated: 2024-08-07T20:26:46.515Z
Reserved: 2006-12-11T00:00:00
Link: CVE-2006-6478
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-12-12T00:28:00.000
Modified: 2024-11-21T00:22:46.970
Link: CVE-2006-6478
Redhat
No data.