CVE-2006-2136

UNRATEDJSON export Create alert

Description

SQL injection vulnerability in news.php in AZNEWS allows remote attackers to execute arbitrary SQL commands via the ID parameter.

Affected products

aznews / aznews1.0 – 1.0

References

MISChttp://www.securityfocus.com/bid/17761
MISChttp://evuln.com/vulns/126/
VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/1579
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/26136
VENDOR_ADVISORYhttp://secunia.com/advisories/19888
MISChttp://securitytracker.com/id?1016036