CVE-2006-4501 Information

Description

SQL injection vulnerability in index.php in ezPortal/ztml CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) about (2) album (3) id (4) use (5) desc (6) doc (7) mname (8) max and possibly other parameters.

Reference

http://securityreason.com/securityalert/1481 http://www.securityfocus.com/archive/1/444743/100/0/threaded http://www.securityfocus.com/bid/19759 https://exchange.xforce.ibmcloud.com/vulnerabilities/28667