CVE-2006-0358 | HackTesting

Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 beta through 1.3, allow remote attackers to execute arbitrary SQL commands via the search parameter in (1) index.php and (2) search.php. NOTE: This issue might overlap CVE-2004-0663.2.

References

http://www.securityfocus.com/bid/16279

http://secunia.com/advisories/10172

http://web.archive.org/web/20050303003128/http://powerportal.sourceforge.net/

https://exchange.xforce.ibmcloud.com/vulnerabilities/24196

http://www.osvdb.org/27957

http://www.securityfocus.com/archive/1/422151/100/0/threaded

http://www.osvdb.org/27958