CVE-2006-3926 Information

Description

Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) start parameters to (a) viewfeedback.php or the (3) orderType parameter to (b) categories.php.

Reference

http://archives.neohapsis.com/archives/bugtraq/2006-07/0474.html http://secunia.com/advisories/21201 http://securityreason.com/securityalert/1298 http://securitytracker.com/id?1016595 http://www.osvdb.org/27545 http://www.osvdb.org/27546 http://www.securityfocus.com/bid/19158 https://exchange.xforce.ibmcloud.com/vulnerabilities/28032