CVE-2006-3822 Information

Description

SQL injection vulnerability in index.php in GeodesicSolutions GeoAuctions Enterprise 1.0.6 allows remote attackers to execute arbitrary SQL commands via the d parameter.

Reference

http://secunia.com/advisories/21325 http://www.packetstormsecurity.org/0607-exploits/geoauctionsSQL.txt http://www.securityfocus.com/bid/19093 http://www.vupen.com/english/advisories/2006/3133