2 matches found
CVE-2006-0605
CVE-2006-0605 concerns Unknown Domain Shoutbox 2005.07.21 and describes multiple input validation flaws enabling remote attackers to inject arbitrary code via the Handle or Message fields. The linked sources indicate two vulnerability classes: cross-site scripting (XSS) and SQL injection, arising...
CVE-2006-0606
The CVE-2006-0606 entry concerns a SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 that allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. Affected software is Shoutbox (Unknown Domain). The root cause is improper handling of user-supplied inpu...