CVE-2006-2032
The CVE-2006-2032 entry documents multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and earlier. The vulnerable surface is in preview.php, where attacker-supplied parameters icon_id and userid can be exploited to execute arbitrary SQL commands. The issue allows remote attackers to inf...