CVE-2006-6094

Name of the Vulnerable Software and Affected Versions ActiveNews Manager (affected versions not specified)

Description The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities allow remote attackers to execute arbitrary SQL commands. The vulnerabilities can be exploited through specific parameters in different ASP pages, including the catID parameter to "activeNews categories.asp", the articleID parameter to "activeNews comments.asp", or the query parameter to "activenews search.asp".

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.