PRIOn knowledge basePRION:CVE-2006-0205Sql injection
Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote attackers to (1) execute arbitrary SQL commands and bypass authentication via the password field in the login action to index.php (involving v_login.php and s_user.php) and (2) have other unknown impact via certain other fields in unspecified scripts.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordcircle | eq | 2.17 |
References
evuln.com/vulns/27/summary.html
evuln.com/vulns/28/summary.html
secunia.com/advisories/18440
securityreason.com/securityalert/345
securityreason.com/securityalert/346
www.osvdb.org/22358
www.securityfocus.com/archive/1/421745/100/0/threaded
www.securityfocus.com/archive/1/421746/100/0/threaded
www.securityfocus.com/bid/16227
www.vupen.com/english/advisories/2006/0185
exchange.xforce.ibmcloud.com/vulnerabilities/24105
exchange.xforce.ibmcloud.com/vulnerabilities/24108
Related
