Vulnerabilities > CVE-2006-0065 - SQL Injection vulnerability in VEGO Web Forum Theme_ID
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in (1) functions.php, (2) functions_update.php, and (3) functions_display.php in VEGO Web Forum 1.26 and earlier allows remote attackers to execute arbitrary SQL commands via the theme_id parameter in index.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |