CVE-2006-3307

2006-06-29T01:05:00
ID CVE-2006-3307
Type cve
Reporter cve@mitre.org
Modified 2017-07-20T01:32:00

Description

Multiple SQL injection vulnerabilities in Project EROS bbsengine before bbsengine-20060429-1550-jam allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters in the php/comment.php and (2) the getpartialmatches method in php/aolbonics.php.