CVE-2006-5908 in Yet Another News Systeminformazioni

Riassunto

di MITRE

Multiple SQL injection vulnerabilities in the login_user function in yans.func.php in Lucas Rodriguez San Pedro Yet Another News System (YANS) 0.2b allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

15/11/2006

Divulgazione

15/11/2006

Moderazione

accettato

Voce

VDB-33271

CPE

pronto

CWE

CWE-89 (confermato)

CVSS

7.5 (NVD)

EPSS

0.01195

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2006-5908
NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-5908
CVE Details	https://www.cvedetails.com/cve/CVE-2006-5908/

◂ Precedente Visione D'ensemble Il prossimo ▸

Want to know what is going to be exploited?

We predict KEV entries!