Vulnerabilities > CVE-2006-4072 - SQL-Injection vulnerability in Club-Nuke 2.0Lcid2048
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 allow remote attackers to execute arbitrary SQL commands via the (1) haber_id parameter to haber_detay.asp, and allow remote authenticated users to execute arbitrary SQL commands via the (2) menu_id parameter to menu.asp. User Logins must be enabled by Admin to exploit this vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | CLUB-Nuke [XP] 2.0 LCID 2048 (Turkish Version) SQL Injection. CVE-2006-4072. Webapps exploit for asp platform |
file | exploits/asp/webapps/2150.txt |
id | EDB-ID:2150 |
last seen | 2016-01-31 |
modified | 2006-08-08 |
platform | asp |
port | |
published | 2006-08-08 |
reporter | ASIANEAGLE |
source | https://www.exploit-db.com/download/2150/ |
title | CLUB-Nuke XP 2.0 LCID 2048 Turkish Version - SQL Injection |
type | webapps |