2 matches found
CVE-2006-6095
ActiveNews Manager is affected by CVE-2006-6095 via multiple SQL injection vulnerabilities. The issues allow remote attackers to execute arbitrary SQL commands through (1) the articleID parameter to activenews_view.asp or (2) the page parameter to default.asp; the CVE also notes that the vectors ...
CVE-2006-6094
CVE-2006-6094 refers to multiple SQL injection vulnerabilities in ActiveNews Manager, exposed via (1) catID in activeNews_categories.asp, (2) articleID in activeNews_comments.asp, and (3) query in activenews_search.asp. Connected records corroborate that these are remote SQL injection flaws allow...