CVE-2006-1754 | Vulnerability Database | Aqua Security

SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote attackers to execute arbitrary SQL commands via the SID parameter.

Affected Software

Name	Vendor	Start Version	End Version
Confixx	Swsoft	3.0.6 (including)	3.0.6 (including)
Confixx	Swsoft	3.0.8 (including)	3.0.8 (including)
Confixx	Swsoft	3.1.2 (including)	3.1.2 (including)

References

http://download1.swsoft.com/Confixx/security_hotfix/release_notes.txt
http://secunia.com/advisories/19611
http://www.securityfocus.com/archive/1/430671/100/0/threaded
http://www.securityfocus.com/archive/1/430890/100/0/threaded
http://www.securityfocus.com/archive/1/431421/100/0/threaded
http://www.securityfocus.com/bid/17476
http://www.vupen.com/english/advisories/2006/1331
https://exchange.xforce.ibmcloud.com/vulnerabilities/25749
http://download1.swsoft.com/Confixx/security_hotfix/release_notes.txt
http://secunia.com/advisories/19611
http://www.securityfocus.com/archive/1/430671/100/0/threaded
http://www.securityfocus.com/archive/1/430890/100/0/threaded
http://www.securityfocus.com/archive/1/431421/100/0/threaded
http://www.securityfocus.com/bid/17476
http://www.vupen.com/english/advisories/2006/1331
https://exchange.xforce.ibmcloud.com/vulnerabilities/25749

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-1754
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html