Sql injection

2011-10-0910:55:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

37.7%

SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

CPENameOperatorVersion
wanewslettereq2.1.2

CPE	Name	Operator	Version
	wanewsletter	eq	2.1.2

References

packetstormsecurity.org/1009-exploits/wanewsletter-sql.txt

securityreason.com/securityalert/8462

www.securityfocus.com/bid/43440

exchange.xforce.ibmcloud.com/vulnerabilities/61993

www.exploit-db.com/exploits/15090