CVE-2006-2879 Information

Description

SQL injection vulnerability in newscomments.php in Alex News-Engine 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the newsid parameter.

Reference

http://secunia.com/advisories/20469 http://securityreason.com/securityalert/1057 http://www.securityfocus.com/archive/1/435988 http://www.securityfocus.com/bid/18274 http://www.vupen.com/english/advisories/2006/2151 https://exchange.xforce.ibmcloud.com/vulnerabilities/26946