CVE-2006-6090
N/A
N/A
Summary
Multiple SQL injection vulnerabilities in BaalAsp forum allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to (a) adminlogin.asp, the (2) name or (3) password parameter to (b) userlogin.asp, or the (3) search parameter to search.asp.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/21111
- http://www.securityfocus.com/archive/1/451846/100/100/threaded
- http://secunia.com/advisories/22943
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30343
- http://s-a-p.ca/index.php?page=OurAdvisories&id=35
- http://securityreason.com/securityalert/1913
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30342
- http://www.vupen.com/english/advisories/2006/4579
References
- http://www.securityfocus.com/bid/21111
- http://www.securityfocus.com/archive/1/451846/100/100/threaded
- http://secunia.com/advisories/22943
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30343
- http://s-a-p.ca/index.php?page=OurAdvisories&id=35
- http://securityreason.com/securityalert/1913
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30342
- http://www.vupen.com/english/advisories/2006/4579
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.