CVE-2005-3201

Published: Oct 14, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

SQL injection vulnerability in news.php for Utopia News Pro (UNP) 1.1.3, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary SQL via the newsid parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

17115

third-party-advisory

x_refsource_SECUNIA

http://rgod.altervista.org/utopia113.html

x_refsource_MISC

http://www.utopiasoftware.net/

x_refsource_CONFIRM

19942

vdb-entry

x_refsource_OSVDB

20051007 Utopia News Pro 1.1.3 SQL Injection / cross site scripting

mailing-list

x_refsource_BUGTRAQ

utopianewspro-news-sql-injection(22555)

vdb-entry

x_refsource_XF

1015016

vdb-entry

x_refsource_SECTRACK

15028

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2005-3201

Description

Affected Products

References