RSS   Vulnerabilities for 'Contentnow'   RSS

2006-11-28
 
CVE-2006-6157

CWE-89
 

 
SQL injection vulnerability in index.php in ContentNow 1.39 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter. NOTE: this issue can be leveraged for path disclosure with an invalid pageid parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top