Particle Links SQL Injection Vulnerability
BID:18342
CVE-2006-2904 |Info
Particle Links SQL Injection Vulnerability
| Bugtraq ID: | 18342 |
| Class: | Input Validation Error |
| CVE: |
CVE-2006-2904 CVE-2006-3008 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 06 2006 12:00AM |
| Updated: | Jul 06 2016 01:33PM |
| Credit: | Luny is credited with discovering this vulnerability. |
| Vulnerable: |
Particle Soft Particle Links 1.2.2 |
| Not Vulnerable: | |
Discussion
Particle Links SQL Injection Vulnerability
Particle Links is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Particle Links is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Exploit / POC
Particle Links SQL Injection Vulnerability
This issue can be exploited through a web client.
This issue can be exploited through a web client.
Solution / Fix
Particle Links SQL Injection Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]