XlentProjects SphereCMS 1.1 'archive.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38309/info SphereCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

CVE-2010-1078

SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes "%00" in the view parameter, which bypasses a protection mechanism...

CVE-2010-1078

CVE-2010-1078 concerns a SQL injection in SphereCMS 1.1 alpha (archive.php, view parameter) where encoded null bytes (%00) bypass a protection mechanism, enabling arbitrary SQL commands. Documentation across sources (NVD, CVE records, PRION/CVELIST mirrors) confirms the vulnerability in XlentProj...

CVE-2010-1078

SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes "%00" in the view parameter, which bypasses a protection mechanism...