Vulnerabilities > CVE-2006-6787 - SQL Injection vulnerability in Newsletter MX admin_mail_adressee.ASP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in admin/admin_mail_adressee.asp in Newsletter MX 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Newsletter MX <= 1.0.2 (ID) Remote SQL Injection Exploit. CVE-2006-6787. Webapps exploit for asp platform |
| file | exploits/asp/webapps/2998.pl |
| id | EDB-ID:2998 |
| last seen | 2016-01-31 |
| modified | 2006-12-24 |
| platform | asp |
| port | |
| published | 2006-12-24 |
| reporter | ajann |
| source | https://www.exploit-db.com/download/2998/ |
| title | Newsletter MX <= 1.0.2 ID Remote SQL Injection Exploit |
| type | webapps |