Sql injection

2007-12-0711:46:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.6%

JSON

Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolute News Manager.NET 5.1 allow remote attackers to execute arbitrary SQL commands via the (1) z, (2) pz, (3) ord, and (4) sort parameters.

CPENameOperatorVersion
absolute_news_manager.neteq5.1

CPE	Name	Operator	Version
	absolute_news_manager.net	eq	5.1

References

osvdb.org/40576

secunia.com/advisories/27923

www.procheckup.com/Vulnerability_PR07-39.php

www.securityfocus.com/bid/26692

www.xigla.com/news/default.aspx

www.xigla.com/security/ANMNET51-SecurityUpdate20071128.zip

exchange.xforce.ibmcloud.com/vulnerabilities/38871

marc.info/?l=bugtraq&m=119678724111351&w=2