virus logo Intrusion Prevention

PHPWebSite.Topics.PHP.SQL.Injection

description-logoDescription

SQL injection vulnerability in topics.php, in Appalachian State University phpWebSite 0.10.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the topic parameter.

affected-products-logoAffected Products

phpWebsite phpWebsite 0.10.2
phpWebsite phpWebsite 0.10.1
+ Gentoo Linux
phpWebsite phpWebsite 0.10
phpWebsite phpWebsite 0.9.3 -4
phpWebsite phpWebsite 0.9.3 -3
phpWebsite phpWebsite 0.9.3 -2
phpWebsite phpWebsite 0.9.3 -1
phpWebsite phpWebsite 0.9.3
phpWebsite phpWebsite 0.8.3
phpWebsite phpWebsite 0.8.2
phpWebsite phpWebsite 0.7.3

Impact logoImpact

Arbitrary SQL commands execution.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 103350916
Created Jan 30, 2007
Updated Apr 23, 2014
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2006-0973
Exploit Prediction Score 0.91%
Default Action Unavailable
Active