2 matches found
CVE-2006-6747
SQL injection vulnerability in shownews.php in Xt-News 0.1 allows remote attackers to execute arbitrary SQL commands via the idnews parameter...
CVE-2006-6747
The CVE-2006-6747 entry describes a SQL injection in Xt-News 0.1’s show_news.php, exploitable via the id_news parameter. A remote attacker can cause arbitrary SQL execution (no authentication required; network access; low attack complexity) with potential partial impact to confidentiality, integr...