Vulnerabilities > CVE-2006-1007 - Input Validation vulnerability in Nathan Landry N8Cms Sitesuite CMS 1.1/1.2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
nathan-landry
exploit available

Summary

Multiple SQL injection vulnerabilities in N8cms 1.1 and 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) dir and (2) page_id parameter to index.php.

Vulnerable Configurations

Part Description Count
Application
Nathan_Landry
2

Exploit-Db

descriptionn8cms 1.1/1.2 index.php Multiple Parameter SQL Injection. CVE-2006-1007. Webapps exploit for php platform
idEDB-ID:27330
last seen2016-02-03
modified2006-02-27
published2006-02-27
reporterLiz0ziM
sourcehttps://www.exploit-db.com/download/27330/
titlen8cms 1.1/1.2 index.php Multiple Parameter SQL Injection