CVE-2006-0583

SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter...

Sql injection

SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter...

CVE-2006-0583

SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter...

CVE-2006-0583

CVE-2006-0583 describes a SQL injection in Clever Copy 3.0 and earlier, via the ID parameter in mailarticle.php. The vulnerability allows remote attackers to execute arbitrary SQL commands. Affected software is described as Clever Copy 3.0 and earlier; the root cause is improper input handling of...

Clever_Copy_V3_sql.txt

Clever Copy SQL injection vulnerable code in mailarticle.php 11-12 ... $getnews="SELECT from CCnews where entryid='$ID'"; $getnews2=mysqlquery$getnews or die"Could not get blog"; ... "ID" var is not properly sanitized before to be used in a SQL query, poc:...