CVE-2006-0358 Information

Description

Multiple SQL injection vulnerabilities in PowerPortal possibly 1.1 beta through 1.3 allow remote attackers to execute arbitrary SQL commands via the search parameter in (1) index.php and (2) search.php. NOTE: This issue might overlap CVE-2004-0663.2.

Reference

http://secunia.com/advisories/10172 http://web.archive.org/web/20050303003128/http://powerportal.sourceforge.net/ http://www.osvdb.org/27957 http://www.osvdb.org/27958 http://www.securityfocus.com/archive/1/422151/100/0/threaded http://www.securityfocus.com/bid/16279 https://exchange.xforce.ibmcloud.com/vulnerabilities/24196