CVE-2006-1947 Information

Description

Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum X5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pagesize (2) maxrec and (3) startpos parameters.

Reference

http://pridels0.blogspot.com/2006/04/plexum-x5-sql-vuln.html http://secunia.com/advisories/19720 http://www.securityfocus.com/bid/17617 http://www.vupen.com/english/advisories/2006/1423 https://exchange.xforce.ibmcloud.com/vulnerabilities/25918