CVE-2006-4673

CVE-2006-4673 · LOW Severity

AV:N/AC:H/AU:N/C:N/I:P/A:N

Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and earlier uses the extract function on the superglobals, which allows remote attackers to conduct SQL injection attacks via the _SERVER[REMOTE_ADDR] parameter to news.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.