Sql injection

2008-06-1822:41:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.3%

JSON

SQL injection vulnerability in search.asp in Xigla Absolute News Manager XE 3.2 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter.

CPENameOperatorVersion
absolute_news_manager_xeeq3.2

CPE	Name	Operator	Version
	absolute_news_manager_xe	eq	3.2

References

bugreport.ir/index.php?/41

secunia.com/advisories/30643

securityreason.com/securityalert/3950

www.securityfocus.com/bid/29672

exchange.xforce.ibmcloud.com/vulnerabilities/43043

marc.info/?l=bugtraq&m=121322052622903&w=2