CVE-2006-0358

Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 beta through 1.3, allow remote attackers to execute arbitrary SQL commands via the search parameter in (1) index.php and (2) search.php. NOTE: This issue might overlap CVE-2004-0663.2.

Date published : 2006-01-22

http://www.securityfocus.com/bid/16279

http://www.securityfocus.com/archive/1/422151/100/0/threaded