| ID | CVE-2006-0774 | ||||||
| Sažetak | SQL injection vulnerability in deleteSession() in DB_eSession library 1.0.2 and earlier, as used in multiple products, allows remote attackers to execute arbitrary SQL commands via the $_sess_id_set variable, which is usually derived from PHPSESSID. | ||||||
| Reference |
|
||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:L/Au:N/C:P/I:P/A:P | ||||||
| Zadnje važnije ažuriranje | 19-10-2018 - 15:46 | ||||||
| Objavljeno | 19-02-2006 - 00:02 |
