CVE-2006-0542 Information

Description

Multiple SQL injection vulnerabilities in config.php in NukedWeb GuestBookHost 2005.04.25 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters.

Reference

http://secunia.com/advisories/18761 http://www.evuln.com/vulns/56/summary.html http://www.securityfocus.com/archive/1/424714/100/0/threaded http://www.securityfocus.com/bid/16545 http://www.vupen.com/english/advisories/2006/0465 https://exchange.xforce.ibmcloud.com/vulnerabilities/24406