CVE-2006-4419

Name of the Vulnerable Software and Affected Versions ProManager version 0.73

Description A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This is achieved via the note id parameter in the note.php file.

Recommendations For ProManager version 0.73, consider restricting access to the note.php file or validating and sanitizing the note id parameter to prevent SQL injection attacks. As a temporary workaround, avoid using the note id parameter in the affected note.php file until a patch is available.