CVE-2006-3292
CVE-2006-3292 affects Jaws 0.6.2, where a SQL injection vulnerability in the Search gadget allows remote attackers to modify or query the database via the searchdata parameter (LIKE usage). The underlying issue is unsafely concatenating user input into SQL statements used by the search functional...