2 matches found
CVE-2006-0464
CVE-2006-0464 affects IdeoContent Manager: multiple SQL injection vulnerabilities in index.php allow remote attackers to execute arbitrary SQL via the goto_id or mid parameters. Root cause is unsanitized user input in these parameters, enabling crafted queries. Documents do not specify affected v...
CVE-2006-0463
CVE-2006-0463 involves IdeoContent Manager and is described as a Cross-site scripting (XSS) vulnerability. The vulnerability allows remote attackers to inject arbitrary web script or HTML via (1) the goto_id parameter to index.php or (2) the page parameter to news_full.php. The connected document...