CVE-2006-0123 Information

Description

Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter in index.php and (2) pagid parameter in verpag.php and possibly other vectors.

Reference

http://evuln.com/vulns/15/summary.html http://secunia.com/advisories/18300 http://securitytracker.com/id?1015445 http://www.osvdb.org/22240 http://www.osvdb.org/22241 http://www.securityfocus.com/archive/1/420990/100/0/threaded http://www.securityfocus.com/bid/16157 http://www.vupen.com/english/advisories/2006/0077