RSS   Vulnerabilities for 'Yet another news system'   RSS

2006-11-15
 
CVE-2006-5908

 

 
Multiple SQL injection vulnerabilities in the login_user function in yans.func.php in Lucas Rodriguez San Pedro Yet Another News System (YANS) 0.2b allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top