SQL injection vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) Location, (2) Last Name, and (3) First Name parameters.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Pluggedout_nexus | Jonathan_beckett | 0.1 (including) | 0.1 (including) |
References
- http://pridels0.blogspot.com/2005/12/pluggedout-nexus-sqlxss-vuln_06.html
- http://secunia.com/advisories/17909
- http://www.osvdb.org/21478
- http://www.securityfocus.com/bid/15724
- http://www.vupen.com/english/advisories/2005/2751
- http://pridels0.blogspot.com/2005/12/pluggedout-nexus-sqlxss-vuln_06.html
- http://secunia.com/advisories/17909
- http://www.osvdb.org/21478
- http://www.securityfocus.com/bid/15724
- http://www.vupen.com/english/advisories/2005/2751