Skip to main content

CVE-2006-0358

Severity High
Score 7.5/10

Summary

Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 beta through 1.3, allow remote attackers to execute arbitrary SQL commands via the search parameter in (1) index.php and (2) search.php. NOTE: This issue might overlap CVE-2004-0663.2.

  • LOW
  • NETWORK
  • NONE
  • PARTIAL
  • PARTIAL
  • PARTIAL

References

Advisory Timeline

  • Published