|
|
CVE Reference: CVE-2006-3959 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-3959 |
|
|
Description: SQL injection vulnerability in protect.php in X-Scripts X-Protection 1.10, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameter. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/28088 SAID Secunia Advisory: SA21282 OSVDB 27635 MISC http://downloads.securityfocus.com/vulnerabilities/exploits/x-protection_poc.txt BID 19235 |
|
| Return to the previous page. |
