CVE-2006-4673
CVE-2006-4673 · LOW Severity
AV:N/AC:H/AU:N/C:N/I:P/A:N
Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and earlier uses the extract function on the superglobals, which allows remote attackers to conduct SQL injection attacks via the _SERVER[REMOTE_ADDR] parameter to news.php.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.