CVE-2006-2459

CVE-2006-2459 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and earlier allows remote authenticated users to execute arbitrary SQL commands via the srch_where parameter.

Learn more about our User Device Pen Test.