Vulnerabilities > CVE-2006-4072 - SQL-Injection vulnerability in Club-Nuke 2.0Lcid2048
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 allow remote attackers to execute arbitrary SQL commands via the (1) haber_id parameter to haber_detay.asp, and allow remote authenticated users to execute arbitrary SQL commands via the (2) menu_id parameter to menu.asp. User Logins must be enabled by Admin to exploit this vulnerability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | CLUB-Nuke [XP] 2.0 LCID 2048 (Turkish Version) SQL Injection. CVE-2006-4072. Webapps exploit for asp platform |
| file | exploits/asp/webapps/2150.txt |
| id | EDB-ID:2150 |
| last seen | 2016-01-31 |
| modified | 2006-08-08 |
| platform | asp |
| port | |
| published | 2006-08-08 |
| reporter | ASIANEAGLE |
| source | https://www.exploit-db.com/download/2150/ |
| title | CLUB-Nuke XP 2.0 LCID 2048 Turkish Version - SQL Injection |
| type | webapps |