CVE-2006-1754 – SWSoft Confixx 3.0.6/3.0.8/3.1.2 - 'index.php' SQL Injection
https://notcve.org/view.php?id=CVE-2006-1754
SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote attackers to execute arbitrary SQL commands via the SID parameter. • https://www.exploit-db.com/exploits/27628 http://download1.swsoft.com/Confixx/security_hotfix/release_notes.txt http://secunia.com/advisories/19611 http://www.securityfocus.com/archive/1/430671/100/0/threaded http://www.securityfocus.com/archive/1/430890/100/0/threaded http://www.securityfocus.com/archive/1/431421/100/0/threaded http://www.securityfocus.com/bid/17476 http://www.vupen.com/english/advisories/2006/1331 https://exchange.xforce.ibmcloud.com/vulnerabilities/25749 •
CVE-2005-1302
https://notcve.org/view.php?id=CVE-2005-1302
SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field. • http://marc.info/?l=bugtraq&m=111444886429814&w=2 http://secunia.com/advisories/15121 http://securityreason.com/securityalert/694 http://www.osvdb.org/15815 http://www.securityfocus.com/bid/13355 •