CVE-2006-4953

2006-09-23T06:07:00
ID CVE-2006-4953
Type cve
Reporter NVD
Modified 2017-07-19T21:33:24

Description

Multiple SQL injection vulnerabilities in Neon WebMail for Java before 5.08 allow remote attackers to execute arbitrary SQL commands via the (1) adr_sortkey and (2) adr_sortkey_desc parameters in the (a) addrlist servlet, and the (3) sortkey and (4) sortkey_desc parameters in the (b) maillist servlet.