Unrated severityNVD Advisory· Published Feb 13, 2006· Updated Apr 16, 2026

CVE-2006-0669

Description

Multiple SQL injection vulnerabilities in archive.asp in GA's Forum Light allow remote attackers to execute arbitrary SQL commands via the (1) Forum and (2) pages parameter. NOTE: SecurityTracker says that the vendor has disputed this issue, saying that GA Forum Light does not use an SQL database. SecurityTracker's research indicates that the original problem could be due to a vbscript parsing error based on invalid arguments

Affected products

Gasoft/Gas Forum Light
cpe:2.3:a:gasoft:gas_forum_light:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitytracker.com/idnvdExploit
www.securityfocus.com/bid/16563nvdExploit
www.attrition.org/pipermail/vim/2006-February/000561.htmlnvd
www.osvdb.org/23509nvd
exchange.xforce.ibmcloud.com/vulnerabilities/24616nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000