Vulnerabilities > CVE-2006-6776 - Input Validation vulnerability in Future Internet
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Future Internet allow remote attackers to execute arbitrary SQL commands via the (1) newsId or (2) categoryid parameter in a Portal.Showpage action in index.cfm, or (3) the langId parameter in index.cfm.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Future Internet index.cfm Multiple Parameter SQL Injection. CVE-2006-6776. Webapps exploit for cfm platform |
id | EDB-ID:29334 |
last seen | 2016-02-03 |
modified | 2006-12-23 |
published | 2006-12-23 |
reporter | Linux_Drox |
source | https://www.exploit-db.com/download/29334/ |
title | Future Internet index.cfm Multiple Parameter SQL Injection |