CVE-2006-0581 Information

Description

SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp.

Reference

http://secunia.com/advisories/18731 http://securitytracker.com/id?1015584 http://www.osvdb.org/22982 http://www.osvdb.org/22983 http://www.vupen.com/english/advisories/2006/0460 https://exchange.xforce.ibmcloud.com/vulnerabilities/24537