CVE-2006-3691

2006-07-1821:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.1%

JSON

Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier allow remote attackers to execute arbitrary SQL commands via the UserID parameter to (1) ignore-pm.php, (2) sendmail.php, (3) reply.php or (4) sub-join.php.

References

securityreason.com/securityalert/1244

www.osvdb.org/28254

www.securityfocus.com/archive/1/440114/100/0/threaded

www.securityfocus.com/archive/1/440133/100/0/threaded

www.securityfocus.com/archive/1/440141/100/0/threaded

www.securityfocus.com/archive/1/440145/100/0/threaded

www.securityfocus.com/archive/1/491770/100/0/threaded

www.securityfocus.com/bid/18937

exchange.xforce.ibmcloud.com/vulnerabilities/42254