Vulnerabilities > CVE-2006-1613 - Unspecified vulnerability in Aweb Labs Awebnews 1.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN aweb-labs
exploit available
Summary
Multiple SQL injection vulnerabilities in aWebNews 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user123 variable in (a) login.php or (b) fpass.php; or (2) cid parameter to (c) visview.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | aWebNews 1.2 visview.php _GET['cid'] Parameter SQL Injection. CVE-2006-1613 . Webapps exploit for php platform |
| id | EDB-ID:27560 |
| last seen | 2016-02-03 |
| modified | 2006-04-03 |
| published | 2006-04-03 |
| reporter | Aliaksandr Hartsuyeu |
| source | https://www.exploit-db.com/download/27560/ |
| title | aWebNews 1.2 - visview.php _GET'cid' Parameter SQL Injection |
References
- http://evuln.com/vulns/116/summary.html
- http://evuln.com/vulns/116/summary.html
- http://secunia.com/advisories/19487
- http://secunia.com/advisories/19487
- http://www.osvdb.org/24334
- http://www.osvdb.org/24334
- http://www.osvdb.org/24335
- http://www.osvdb.org/24335
- http://www.osvdb.org/24336
- http://www.osvdb.org/24336
- http://www.securityfocus.com/archive/1/431007/100/0/threaded
- http://www.securityfocus.com/archive/1/431007/100/0/threaded
- http://www.vupen.com/english/advisories/2006/1196
- http://www.vupen.com/english/advisories/2006/1196
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25590
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25590