CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-4564
https://notcve.org/view.php?id=CVE-2006-4564
SQL injection vulnerability in Sources/ManageBoards.php in Simple Machines Forum 1.1 RC3 allows remote attackers to execute arbitrary SQL commands via the cur_cat parameter. Vulnerabilidad de inyección SQL en Sources/ManageBoards.php en Simple Machines Forum 1.1 RC3 permite a un atacante remoto ejecutar comandos SQL de su elección a través del parámetro cur_cat. • http://archives.neohapsis.com/archives/bugtraq/2006-09/0009.html http://secunia.com/advisories/21740 http://securityreason.com/securityalert/1506 http://www.vupen.com/english/advisories/2006/3435 https://exchange.xforce.ibmcloud.com/vulnerabilities/28716 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •