Security Advisory

CVE-2006-4667

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-09-09 00:00:00

Last updated 2024-08-07 19:23:41

Assigner mitre

State PUBLISHED

Description

Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) uid parameter in (a) class/sessions.class.php, and the (2) timezone_offset and (3) umode parameters in (b) class/xoopsuser.php.

← Browse all CVEs View on cve.org ↗