CVE-2006-2508 Information

Description

SQL injection vulnerability in tr1.php in YourFreeWorld.com Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter possibly involving an attack vector using advertise.php.

Reference

http://secunia.com/advisories/20213 http://securityreason.com/securityalert/931 http://www.osvdb.org/25691 http://www.osvdb.org/25692 http://www.securityfocus.com/archive/1/434527/100/0/threaded http://www.securityfocus.com/bid/18044 http://www.vupen.com/english/advisories/2006/1897 https://exchange.xforce.ibmcloud.com/vulnerabilities/26569 https://exchange.xforce.ibmcloud.com/vulnerabilities/26570