cpe:/a:deltascripts:pro_publish:2.0 CVE-2006-2128 2006-04-30T00:00:00.000-04:00 2006-05-01T19:02:00.000-04:00 2017-07-19T21:31:12.303-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-05-02T12:29:00.000-04:00 ALLOWS_OTHER_ACCESS BID 17762 SECUNIA 19882 BUGTRAQ 20060602 Pro Publish SQL Injection and XSS Vulnerabilities OSVDB 25124 OSVDB 25125 OSVDB 25126 OSVDB 25127 VUPEN ADV-2006-1578 MISC http://evuln.com/vulns/130/summary.html MISC http://soot.shabgard.org/bugs/propublish.txt XF propublish-multiple-sql-injection(26148) Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameter to (a) admin/login.php, (3) find_str parameter to (b) search.php, or (4) artid parameter to (c) art.php, or (5) catid parameter to (d) cat.php.