Description

SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the news_id parameter.

Remediation

References

CVE-2008-5946

Related Vulnerabilities

SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17301)

Mailman Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4624)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10401)

WordPress Plugin YITH WooCommerce Wishlist SQL Injection (2.1.2)

WordPress Plugin WooCommerce Cross-Seller Unspecified Vulnerability (1.0.2)

Severity

High

Classification

CVE-2008-5946 CWE-138

Tags

Missing Update Known Vulnerabilities