CVE-2006-6157

SQL injection vulnerability in index.php in ContentNow 1.39 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter. NOTE: this issue can be leveraged for path disclosure with an invalid pageid parameter.

Date published : 2006-11-28

http://www.securityfocus.com/bid/21237

http://www.securityfocus.com/archive/1/452231/100/100/threaded