NuytsTech Security

CVE-2006-2459

by ·

SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and earlier allows remote authenticated users to execute arbitrary SQL commands via the srch_where parameter.

Date published : 2006-05-19

http://www.securityfocus.com/bid/18009

http://www.securityfocus.com/archive/1/434162/100/0/threaded

Tags: