CVE-2006-1954 Information

Feb 14, 2021 cve

Description

SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka NFec) RechnungsZentrale V2 1.1.3 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the User field.

Reference

http://archives.neohapsis.com/archives/bugtraq/2006-04/0384.html http://secunia.com/advisories/19728 http://www.g-0.org/code/rz2-adv.html http://www.osvdb.org/24752 http://www.securityfocus.com/bid/17588 http://www.vupen.com/english/advisories/2006/1425 https://exchange.xforce.ibmcloud.com/vulnerabilities/25911 https://www.exploit-db.com/exploits/1699

Share on: