CVE-2006-3238

2006-06-2710:00:00

mitre

www.cve.org

8.5 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.1%

JSON

Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) MemberID parameter to rank.php, and the (2) QuranID parameter to lng.php.

References

secunia.com/advisories/20701/

securityreason.com/securityalert/1149

www.securityfocus.com/archive/1/437651/100/100/threaded

www.securityfocus.com/archive/1/437658/100/100/threaded

www.securityfocus.com/bid/18497

www.vupen.com/english/advisories/2006/2468

exchange.xforce.ibmcloud.com/vulnerabilities/27294