CVE-2006-3238 Information

Description

Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) MemberID parameter to rank.php and the (2) QuranID parameter to lng.php.

Reference

http://secunia.com/advisories/20701/ http://securityreason.com/securityalert/1149 http://www.securityfocus.com/archive/1/437651/100/100/threaded http://www.securityfocus.com/archive/1/437658/100/100/threaded http://www.securityfocus.com/bid/18497 http://www.vupen.com/english/advisories/2006/2468 https://exchange.xforce.ibmcloud.com/vulnerabilities/27294