Description
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
Affected products
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/2416
- MISChttp://securityreason.com/securityalert/1158
- MISChttp://securitytracker.com/id?1016334
- MISChttp://www.osvdb.org/26624
- MISChttp://www.securityfocus.com/archive/1/437496/100/100/threaded
- MISChttp://www.securityfocus.com/bid/18492
- VENDOR_ADVISORYhttp://secunia.com/advisories/20745
- MISChttp://retrogod.altervista.org/mambo_46rc1_sql.html
- MISChttp://www.mamboserver.com/?option=com_content&task=view&id=207