SQL injection vulnerability in DotNetNuke (formerly IBuySpy Workshop) 1.0.6 up to and including 1.0.10d allows remote malicious users to modify the backend database via the (1) table and (2) field parameters in LinkClick.aspx.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dotnetnuke dotnetnuke 1.0.10d |
||
dotnetnuke dotnetnuke 1.0.6 |
||
dotnetnuke dotnetnuke 1.0.7 |
||
dotnetnuke dotnetnuke 1.0.8 |
||
dotnetnuke dotnetnuke 1.0.9 |