CVE-2006-2179 Information

Description

Multiple SQL injection vulnerabilities in CyberBuild allow remote attackers to execute arbitrary SQL commands via the (1) SessionID parameter to login.asp or (2) ProductIndex parameter to browse0.htm.

Reference

http://pridels0.blogspot.com/2006/05/cyberbuild-vuln.html http://secunia.com/advisories/19889 http://www.osvdb.org/25195 http://www.osvdb.org/25196 http://www.securityfocus.com/bid/17829 http://www.vupen.com/english/advisories/2006/1630 https://exchange.xforce.ibmcloud.com/vulnerabilities/26201