SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the ubild parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Alipager | Ajax_softwares | 1.00 (including) | 1.00 (including) |
| Alipager | Ajax_softwares | 1.12 (including) | 1.12 (including) |
References
- http://secunia.com/advisories/20084
- http://www.hamid.ir/security/alipager.txt
- http://www.securityfocus.com/bid/17945
- http://www.vupen.com/english/advisories/2006/1773
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26378
- http://secunia.com/advisories/20084
- http://www.hamid.ir/security/alipager.txt
- http://www.securityfocus.com/bid/17945
- http://www.vupen.com/english/advisories/2006/1773
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26378