|
|
CVE Reference: CVE-2006-0727 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-0727 |
|
|
Description: SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis (DFMSA), as used in some environments that use CPG-Nuke Dragonfly CMS, allows remote attackers to trigger path disclosure from a SQL syntax error, and possibly execute arbitrary SQL commands, via certain query data, probably involving the profile name. |
|
|
CVE Status: Candidate |
|
|
References: OSVDB 23060 23250 CONFIRM http://dragonflycms.org/cvs/html/includes/functions/linking.php?b=9.19.2 http://dragonflycms.org/cvs/html/includes/functions/linking.php?d=9.23-9.22 http://dragonflycms.org/Forums/viewtopic/t=14877/postdays=0/postorder=asc/start=15.html http://dragonflycms.org/Forums/viewtopic/t=14751.html BID 16783 |
|
| Return to the previous page. |
