NCM Content Management System content.pl输入验证漏洞

漏洞信息详情

NCM Content Management System content.pl输入验证漏洞

• CNNVD编号：CNNVD-200107-032
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2001-0418
  
• 漏洞类型：
  
  
  输入验证
  
• 发布时间：
  
  2001-07-02
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-08-30
  
• 厂        商：
  
  ncm
• 漏洞来源：
  This vulnerability…

NCM Content Management System中的content.pl 脚本存在漏洞。远程攻击者可以通过注入SQL字符到id参数读取目录数据库的任意目录。

An upgrade has been released:
NCM Content Management System

• NCM Content Management SystemThere is currently no link to the upgraded software. This link will take the interested party to a mail interface that will allow them to contact a representative of NCM.
  
  http://www.thinkthewebway.com/en/services/hotline/responder.pl

来源: BID
名称: 2584
链接:http://www.securityfocus.com/bid/2584

来源: BUGTRAQ
名称: 20010413 Exploitable NCM.at – Content Management System
链接:http://archives.neohapsis.com/archives/bugtraq/2001-04/0223.html