Vulnerabilities > CVE-2006-6542 - Unspecified vulnerability in Fantastic News Fantastic News
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN fantastic-news
exploit available
Summary
SQL injection vulnerability in news.php in Fantastic News 2.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Fantastic News 2.1.4 (news.php) Remote SQL Injection Exploit. CVE-2006-6542. Webapps exploit for php platform |
| file | exploits/php/webapps/2906.pl |
| id | EDB-ID:2906 |
| last seen | 2016-01-31 |
| modified | 2006-12-09 |
| platform | php |
| port | |
| published | 2006-12-09 |
| reporter | Bl0od3r |
| source | https://www.exploit-db.com/download/2906/ |
| title | Fantastic News 2.1.4 news.php Remote SQL Injection Exploit |
| type | webapps |