CVE-2006-3752 Information

Description

Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow remote attackers to execute arbitrary SQL commands via the (1) hidemail (2) name (3) mail (4) ip or (5) text parameters.

Reference

http://artemis.abenteuer-mittelerde.de/pub/adv02-phptgb.txt http://secunia.com/advisories/21102 http://securityreason.com/securityalert/1248 http://securitytracker.com/id?1016550 http://www.securityfocus.com/archive/1/440421/100/0/threaded http://www.securityfocus.com/bid/19019 http://www.vupen.com/english/advisories/2006/2876 https://exchange.xforce.ibmcloud.com/vulnerabilities/27774