PT-2006-4839 · Xmb
Rgod
Published: 2006-08-05
Updated: 2021-04-29
CVE-2006-3994
CVSS v2.0: 7.5 (High)
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
XMB versions 1.9.6 Alpha and earlier
Description
The issue allows remote attackers to execute arbitrary SQL commands via the u2uid parameter to the /u2u.php endpoint, which is read directly from $_POST and thereby bypasses the protection scheme. The vulnerable function is u2u_send_recp in u2u.inc.php.
Recommendations
For XMB versions 1.9.6 Alpha and earlier, consider restricting access to the u2u_send_recp function in u2u.inc.php until a patch is available. Avoid using the u2uid parameter of the /u2u.php endpoint to minimize the risk of exploitation.
Exploit
Fix
Related Identifiers
Affected Products
Xmb