Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL injection vulnerability in Quantum Art QP7.Enterprise (formerly Q-Publishing) allows remote attackers to execute arbitrary SQL commands via the p_news_id parameter to (1) news_and_events_new.asp and (2) news.asp. NOTE: on 20060227, the vendor disputed the accuracy of this report, saying that the p_news_id, news_and_events_new.asp, and news.asp are not specifically part of their product, although they could be dynamically generated through use of the product. Some investigation by CVE suggests evidence that the news_and_events_new.asp page has at least a forced invalid SQL syntax error, but this could not be repeated for news.asp
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Quantum Art QP7.Enterprise多个SQL注入漏洞
Vulnerability Description
** 争议 ** Quantum Art QP7.Enterprise(之前的Q-Publishing)存在SQL注入漏洞,远程攻击者可以通过传到(1)news_and_events_new.asp和(2)news.asp的p_news_id参数执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A