CVE-2006-0727

2006-02-16T11:02:00
ID CVE-2006-0727
Type cve
Reporter cve@mitre.org
Modified 2011-03-08T02:30:00

Description

SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis (DFMSA), as used in some environments that use CPG-Nuke Dragonfly CMS, allows remote attackers to trigger path disclosure from a SQL syntax error, and possibly execute arbitrary SQL commands, via certain query data, probably involving the profile name.