CVE-2006-2697

CVE-2006-2697 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:P

Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) startletter parameter in userview.asp and the (2) forumname parameter in topics.asp.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.