2 matches found
CVE-2006-2985
SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded "'" characters in the STYLEURL parameter...
CVE-2006-2985
This CVE concerns SQL injection in IntegraMOD 1.4.0 (and earlier) via the STYLE_URL parameter in index.php. The root cause is unsafely encoded input (double-encoded a single quote), allowing remote attackers to craft SQL commands. Public records (NVD/NVD-derived CVE listing) confirm the affected ...