3 matches found
Sql injection
SQL injection vulnerability in News/page.asp in NetVIOS Portal allows remote attackers to execute arbitrary SQL commands via the NewsID parameter. NOTE: this issue might be the same as CVE-2006-5954...
CVE-2006-5954
The provided data confirm a SQL injection vulnerability in NetVIOS 2.0 and earlier described as allowed via the NewsID parameter in page.asp. This affects the NewsID handling in News/page.asp, enabling remote attackers to inject arbitrary SQL commands. The vulnerability is reflected in multiple s...
CVE-2006-5954
SQL injection vulnerability in page.asp in NetVIOS 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the NewsID parameter...