EDB-30842
webappsaspVERIFIED
Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple SQL Injections
CVE-2007-6269
Adrian Pastor12/4/2007
描述
Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolute News Manager.NET 5.1 allow remote attackers to execute arbitrary SQL commands via the (1) z, (2) pz, (3) ord, and (4) sort parameters.
AI分析AI驱动
受影响产品
xiglaabsolute_news_manager.net
5.1
可用漏洞利用 (1)
参考资料
- http://marc.info/?l=bugtraq&m=119678724111351&w=2
- http://osvdb.org/40576
- http://secunia.com/advisories/27923Vendor Advisory
- http://www.procheckup.com/Vulnerability_PR07-39.php
- http://www.securityfocus.com/bid/26692ExploitPatch
- http://www.xigla.com/news/default.aspx
- http://www.xigla.com/security/ANMNET51-SecurityUpdate20071128.zip
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38871
- http://marc.info/?l=bugtraq&m=119678724111351&w=2
- http://osvdb.org/40576
- http://secunia.com/advisories/27923Vendor Advisory
- http://www.procheckup.com/Vulnerability_PR07-39.php
- http://www.securityfocus.com/bid/26692ExploitPatch
- http://www.xigla.com/news/default.aspx
- http://www.xigla.com/security/ANMNET51-SecurityUpdate20071128.zip
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38871