Secunia
Login
|
|
CVE Reference: CVE-2006-4585 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-4585 |
|
|
Description: SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows remote authenticated users to execute arbitrary SQL commands via the id2 parameter. NOTE: this can be leveraged with other Tr Forum vulnerabilities to allow unauthenticated attackers to gain privileges. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/28753 ST 1016788 SREASON http://securityreason.com/securityalert/1508 SAID Secunia Advisory: SA21754 OSVDB 28545 MISC http://acid-root.new.fr/poc/10060903.txt MILW0RM http://milw0rm.com/exploits/2297 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/445079/100/0/threaded BID 19834 |
|
| Return to the previous page. |
