CVE-2006-3239 Information

Description

SQL injection vulnerability in message.php in VBZooM 1.11 and earlier allows remote attackers to execute arbitrary SQL commands via the UserID parameter.

Reference

http://securityreason.com/securityalert/1148 http://www.securityfocus.com/archive/1/437655 http://www.securityfocus.com/bid/18497 https://exchange.xforce.ibmcloud.com/vulnerabilities/27295