CVE-2006-6181 Information

Description

Multiple SQL injection vulnerabilities in default.asp in ClickTech ClickContact allow remote attackers to execute arbitrary SQL commands via the (1) AlphaSort (2) In and (3) orderby parameters.

Reference

http://secunia.com/advisories/23119 http://www.aria-security.com/forum/showthread.php?t=51 http://www.securityfocus.com/archive/1/452825/100/0/threaded http://www.securityfocus.com/bid/21302 http://www.vupen.com/english/advisories/2006/4741 https://exchange.xforce.ibmcloud.com/vulnerabilities/30534