CVE-2006-4072

Multiple SQL injection vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 allow remote attackers to execute arbitrary SQL commands via the (1) haber_id parameter to haber_detay.asp, and allow remote authenticated users to execute arbitrary SQL commands via the (2) menu_id parameter to menu.asp.

Date published : 2006-08-10

http://www.securityfocus.com/bid/19442

https://www.exploit-db.com/exploits/2150