Release DateNov 16, 2011 |
Severitymedium |
ImpactData Manipulation. |
DescriptionThis indicates an attempt to exploit a SQL injection vulnerability in GNUTURK.A remote attacker could execute arbitrary SQL commands in the back-end database via a specially-crafted HTTP request to the "mods.php" script with injecting SQL statements in "t_id" parameter. |
Affected ProductsGNUTURK PORTAL 2G and prior. |
Recommended ActionsCurrently we are not aware of any vendor-supplied patches for this issue.http://www.gnuturk.com/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-4867 |
Reference/shttp://www.securityfocus.com/bid/20069 (BugTraq) |
