Multiple SQL injection vulnerabilities in lib-sessions.inc.php in phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allow remote malicious users to execute arbitrary SQL commands via the sessionID parameter in (1) logout.php and (2) index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpadsnew phpadsnew 2.0.4_pr1 |
||
phpadsnew phpadsnew 2.0.5 |
||
phppgads phppgads 2.0.6 |
||
phpadsnew phpadsnew 2_dev_2001-09-30 |
||
phpadsnew phpadsnew 2_dev_2001-10-09 |
||
phpadsnew phpadsnew 2.0_beta5 |
||
phpadsnew phpadsnew 2.0_beta6 |
||
phpadsnew phpadsnew 2.0.6 |
||
phpadsnew phpadsnew 2.0.7_rc1 |