CVE Vulnerabilities

CVE-2007-0865

Published: Feb 09, 2007 | Modified: Oct 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in comments.php in LushiNews 1.01 and earlier allows remote authenticated users to inject arbitrary SQL commands via the id parameter.

Affected Software

Name Vendor Start Version End Version
Lushinews Lushinews 1.00 1.00
Lushinews Lushinews 1.01 1.01

References