Security Advisory

CVE-2006-1685

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-04-10 23:00:00

Last updated 2024-08-07 17:19:49

Assigner mitre

State PUBLISHED

Description

Multiple SQL injection vulnerabilities in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allow remote attackers to execute arbitrary SQL commands via the (1) group, (2) seite, and (3) id parameter, possibly involving the artikel functionality. NOTE: this vulnerability also allows resultant path disclosure when the SQL queries are invalid.

← Browse all CVEs View on cve.org ↗