Vulnerabilities > CVE-2006-2763 - SQL-Injection vulnerability in PRE Projects PRE News Manager 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. It is possible that this is primary to CVE-2006-2678.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Pre News Manager 1.0 Remote SQL Injection Vulnerability. CVE-2006-2763. Webapps exploit for php platform id EDB-ID:3841 last seen 2016-01-31 modified 2007-05-03 published 2007-05-03 reporter Mehmet Ince source https://www.exploit-db.com/download/3841/ title Pre News Manager 1.0 - Remote SQL Injection Vulnerability description Pre News Manager <= 1.0 (index.php id) SQL Injection Vulnerability. CVE-2006-2763. Webapps exploit for php platform file exploits/php/webapps/5803.txt id EDB-ID:5803 last seen 2016-01-31 modified 2008-06-13 platform php port published 2008-06-13 reporter K-159 source https://www.exploit-db.com/download/5803/ title Pre News Manager <= 1.0 index.php id SQL Injection Vulnerability type webapps
References
- http://secunia.com/advisories/20284
- http://www.osvdb.org/26073
- http://www.osvdb.org/26074
- http://www.osvdb.org/26075
- http://www.osvdb.org/26076
- http://www.osvdb.org/26077
- http://www.osvdb.org/26078
- http://www.osvdb.org/26079
- http://www.securityfocus.com/archive/1/493369/100/0/threaded
- http://www.securityfocus.com/archive/1/497185/100/0/threaded
- http://www.securityfocus.com/archive/1/497219/100/0/threaded
- http://www.vupen.com/english/advisories/2006/1990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34035
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43070
- https://www.exploit-db.com/exploits/5803