Lucene search
K

5 matches found

NVD
NVD
added 2006/10/25 10:7 a.m.11 views

CVE-2006-5491

Multiple SQL injection vulnerabilities in include/index.php in UltraCMS 0.9 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameters...

7.5CVSS8.7AI score0.01152EPSS
Exploits0References5
CVE
CVE
added 2006/10/25 10:0 a.m.34 views

CVE-2006-5491

The CVE-2006-5491 entry describes multiple SQL injection vulnerabilities in include/index.php of UltraCMS 0.9, permitting remote attackers to execute arbitrary SQL commands via the username or password parameters. This indicates inadequate input handling in the affected PHP code path. The connect...

7.5CVSS9.1AI score0.01152EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2006/10/25 10:0 a.m.19 views

CVE-2006-5491

Multiple SQL injection vulnerabilities in include/index.php in UltraCMS 0.9 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameters...

8.7AI score0.01152EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2006/10/21 12:0 a.m.17 views

UltraCMS-0.9.txt

Tunis the 18 October 2006 bug found by fireboy product:UltraCMS 0.9 there is an sql injection problem in UltraCMS 0.9 and it can be exploited to gain admin privileges. exploit: user: 'or''=' pass: 'or''=' example : http://www.target.com/include/index.php thx...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/10/21 12:0 a.m.105 views

UltraCMS 0.9 sql injection

Tunis the 18 October 2006 bug found by fireboy product:UltraCMS 0.9 there is an sql injection problem in UltraCMS 0.9 and it can be exploited to gain admin privileges. exploit: user: 'or''=' pass: 'or''=' example : http://www.target.com/include/index.php thx...

1.3AI score
Exploits0
Rows per page
Query Builder