← Voltar para CVEs
CVE-2006-0727
N/ADescricao
SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis (DFMSA), as used in some environments that use CPG-Nuke Dragonfly CMS, allows remote attackers to trigger path disclosure from a SQL syntax error, and possibly execute arbitrary SQL commands, via certain query data, probably involving the profile name.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado2/16/2006
Ultima modificacao4/16/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
musox:df_msanalysis
Referencias
http://dragonflycms.org/Forums/viewtopic/t=14751.html(cve@mitre.org)
http://dragonflycms.org/Forums/viewtopic/t=14877/postdays=0/postorder=asc/start=15.html(cve@mitre.org)
http://www.osvdb.org/23060(cve@mitre.org)
http://www.osvdb.org/23250(cve@mitre.org)
http://www.securityfocus.com/bid/16783(cve@mitre.org)
http://www.vupen.com/english/advisories/2006/0688(cve@mitre.org)
http://dragonflycms.org/Forums/viewtopic/t=14751.html(af854a3a-2127-422b-91ae-364da2661108)
http://dragonflycms.org/Forums/viewtopic/t=14877/postdays=0/postorder=asc/start=15.html(af854a3a-2127-422b-91ae-364da2661108)
http://dragonflycms.org/cvs/html/includes/functions/linking.php?b=9.19.2(af854a3a-2127-422b-91ae-364da2661108)
http://dragonflycms.org/cvs/html/includes/functions/linking.php?d=9.23-9.22(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/23060(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/23250(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/16783(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/0688(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.