CVE-2006-2499
CVE-2006-2499 affects CodeAvalanche News (CANews) 1.2, where a SQL injection in default.asp via the password field allows remote execution of arbitrary SQL. The linked data list a CVSSv2 base score of 7.5 (HIGH) with NETWORK attack vector, LOW access complexity, and no authentication required, yi...