PT-2006-1238 · Foro · Foro Domus
Published
2006-01-10
·
Updated
2017-07-20
·
CVE-2006-0159
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Foro Domus version 2.10
Description
A SQL injection issue allows remote attackers to execute arbitrary SQL commands. The issue is related to the
email parameter in the escribir.php file.Recommendations
For version 2.10, consider restricting access to the escribir.php file or avoiding the use of the
email parameter until a fix is available.Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Foro Domus