CVE-2006-6109 Information
Feb 14, 2021
cve
Description
Multiple SQL injection vulnerabilities in CandyPress Store 3.5.2.14 allow remote attackers to execute arbitrary SQL commands via the (1) policy parameter in openPolicy.asp or the (2) brand parameter in prodList.asp.
Reference
http://marc.info/?l=bugtraq&m=116372253323469&w=2 http://s-a-p.ca/index.php?page=OurAdvisories&id=25 http://secunia.com/advisories/22954 http://www.securityfocus.com/bid/21090/info http://www.vupen.com/english/advisories/2006/4577 https://exchange.xforce.ibmcloud.com/vulnerabilities/30346
Share on: