Vulnerabilities > CVE-2006-1756 - SQL Injection vulnerability in Matthew Dingley MD News 1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
matthew-dingley

Summary

MD News 1 allows remote attackers to bypass authentication via a direct request to a script in the Administration Area.

Vulnerable Configurations

Part Description Count
Application
Matthew_Dingley
1