Multiple SQL injection vulnerabilities in BaalAsp forum allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to (a) adminlogin.asp, the (2) name or (3) password parameter to (b) userlogin.asp, or the (3) search parameter to search.asp.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-11-24T18:00:00
Updated: 2024-08-07T20:12:31.649Z
Reserved: 2006-11-24T00:00:00
Link: CVE-2006-6090
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-11-24T18:07:00.000
Modified: 2024-11-21T00:21:45.887
Link: CVE-2006-6090
Redhat
No data.