Fantastic Scripts Fantastic News 2.1.1 - 'news.php' SQL Injection
| EKU-ID: 31955 | CVE: CVE-2005-3846;OSVDB-21162 | OSVDB-ID: |
| Author: r0t3d3Vil | Published: 2005-11-29 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 31955 | CVE: CVE-2005-3846;OSVDB-21162 | OSVDB-ID: |
| Author: r0t3d3Vil | Published: 2005-11-29 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/15622/info Fantastic News is prone to an SQL injection vulnerability. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. Fantastic News 2.1.1 and prior versions are affected. http://www.example.com/news.php?action=news&category=[SQL]