CVE-2006-2459
The CVE-2006-2459 issue affects PHP-Fusion up to version 6.00.307 (and earlier) in messages.php, where the srch_where parameter is vulnerable to SQL injection by remote authenticated users. The vulnerability arises from improper handling of user-supplied input in the SQL query, enabling arbitrary...