5 matches found
CVE-2006-5491
Multiple SQL injection vulnerabilities in include/index.php in UltraCMS 0.9 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameters...
CVE-2006-5491
The CVE-2006-5491 entry describes multiple SQL injection vulnerabilities in include/index.php of UltraCMS 0.9, permitting remote attackers to execute arbitrary SQL commands via the username or password parameters. This indicates inadequate input handling in the affected PHP code path. The connect...
CVE-2006-5491
Multiple SQL injection vulnerabilities in include/index.php in UltraCMS 0.9 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameters...
UltraCMS-0.9.txt
Tunis the 18 October 2006 bug found by fireboy product:UltraCMS 0.9 there is an sql injection problem in UltraCMS 0.9 and it can be exploited to gain admin privileges. exploit: user: 'or''=' pass: 'or''=' example : http://www.target.com/include/index.php thx...
UltraCMS 0.9 sql injection
Tunis the 18 October 2006 bug found by fireboy product:UltraCMS 0.9 there is an sql injection problem in UltraCMS 0.9 and it can be exploited to gain admin privileges. exploit: user: 'or''=' pass: 'or''=' example : http://www.target.com/include/index.php thx...