CVE Vulnerabilities

CVE-2006-3332

Published: Jun 30, 2006 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to execute arbitrary SQL commands via the (1) offset, (2) tid, (3) fromid, (4) sortby, (5) fromfrommethod, and (6) fromfromlist parameters.

Affected Software

Name Vendor Start Version End Version
Zorum Phpoutsourcing 3.0 (including) 3.0 (including)
Zorum Phpoutsourcing 3.1 (including) 3.1 (including)
Zorum Phpoutsourcing 3.2 (including) 3.2 (including)
Zorum Phpoutsourcing 3.3 (including) 3.3 (including)
Zorum Phpoutsourcing 3.4 (including) 3.4 (including)
Zorum Phpoutsourcing 3.5 (including) 3.5 (including)

References