Sql injection

2008-06-3018:24:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

38.9%

JSON

SQL injection vulnerability in news.php in Advanced Webhost Billing System (AWBS) 2.3.3 through 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the viewnews parameter.

CPENameOperatorVersion
advanced_webhost_billing_systemeq2.7
advanced_webhost_billing_systemeq2.7.1
advanced_webhost_billing_systemeq2.3.3
advanced_webhost_billing_systemeq2.6.3
advanced_webhost_billing_systemeq2.5

Name	Operator	Version
advanced_webhost_billing_system	eq	2.7
advanced_webhost_billing_system	eq	2.7.1
advanced_webhost_billing_system	eq	2.3.3
advanced_webhost_billing_system	eq	2.6.3
advanced_webhost_billing_system	eq	2.5