CVE-2006-6846

2007-01-0302:00:00

mitre

www.cve.org

8.5 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.6%

JSON

Multiple SQL injection vulnerabilities in While You Were Out (WYWO) InOut Board 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the num parameter in (a) phonemessage.asp, (2) the catcode parameter in (b) faqDsp.asp, and the (3) Username and (4) Password fields in © login.asp.

References

secunia.com/advisories/23571

www.securityfocus.com/bid/21803

exchange.xforce.ibmcloud.com/vulnerabilities/31128

www.exploit-db.com/exploits/3032