PT-2006-3489 · Xtreme · Xtreme Topsites

Luny

Publicado

2006-05-23

Atualizado

2018-10-18

CVE-2006-2543

CVSS v2.0

5.1

Média

Vetor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Xtreme Topsites version 1.1

Description The issue allows remote attackers to trigger MySQL errors and possibly conduct SQL injection attacks via unspecified vectors in "join.php".

Recommendations For Xtreme Topsites version 1.1, consider restricting access to the "join.php" file until a patch is available. As a temporary workaround, review and modify the SQL queries in "join.php" to prevent SQL injection attacks.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-2543

Produtos afetados

Xtreme Topsites

PT-2006-3489 · Xtreme · Xtreme Topsites

CVE-2006-2543

Identificadores relacionados

Produtos afetados

Referências · 7