3 matches found
CVE-2006-2857
SQL injection vulnerability in index.php in LifeType 1.0.4 allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a ViewArticle action viewarticleaction.class.php...
CVE-2006-2857
SQL injection vulnerability in index.php in LifeType 1.0.4 allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a ViewArticle action viewarticleaction.class.php...
CVE-2006-2857
The CVE-2006-2857 entry affects LifeType 1.0.4 and describes an SQL injection in index.php (articleId parameter in the ViewArticle action). The underlying issue is failure to sanitize user input, enabling an unauthenticated attacker to manipulate database queries. The vulnerability can lead to ar...