Vulnerabilities > CVE-2006-3359 - Unspecified vulnerability in Newsphp 2006Pro

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

newsphp

exploit available

NVD

Published: 2006-07-06

Updated: 2024-11-21

Summary

Multiple SQL injection vulnerabilities in index.php in NewsPHP 2006 PRO allow remote attackers to inject arbitrary web script or HTML via the (1) words, (2) id, (3) topmenuitem, and (4) cat_id parameters in (a) index.php; and the (5) category parameter in (b) inc/rss_feed.php.

Vulnerable Configurations

Part	Description	Count
Application	Newsphp Newsphp Newsphp 2006_Pro	1

Exploit-Db

description	newsPHP 2006 PRO inc/rss_feed.php category Parameter SQL Injection. CVE-2006-3359. Webapps exploit for php platform
id	EDB-ID:28134
last seen	2016-02-03
modified	2006-06-29
published	2006-06-29
reporter	securityconnection
source	https://www.exploit-db.com/download/28134/
title	newsPHP 2006 PRO inc/rss_feed.php category Parameter SQL Injection

Summary

Vulnerable Configurations

Exploit-Db

References