CVE-2006-2616 Information

Description

SQL injection vulnerability in the search script in (1) AlstraSoft Web Host Directory 1.2 aka (2) HyperStop WebHost Directory 1.2 allows remote attackers to execute arbitrary SQL commands via the uri parameter.

Reference

http://secunia.com/advisories/20276 http://secunia.com/advisories/20278 http://securityreason.com/securityalert/955 http://www.securityfocus.com/archive/1/434912/100/0/threaded http://www.vupen.com/english/advisories/2006/1972 http://www.vupen.com/english/advisories/2006/1973 https://exchange.xforce.ibmcloud.com/vulnerabilities/26653 https://exchange.xforce.ibmcloud.com/vulnerabilities/26658