Unrated severityNVD Advisory· Published Jun 27, 2006· Updated Apr 16, 2026

CVE-2006-3238

Description

Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) MemberID parameter to rank.php, and the (2) QuranID parameter to lng.php.

Affected products

Vbzoom/Vbzoom
cpe:2.3:a:vbzoom:vbzoom:*:*:*:*:*:*:*:*
Range: <=1.00

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/20701/nvdVendor Advisory
securityreason.com/securityalert/1149nvd
www.securityfocus.com/archive/1/437651/100/100/threadednvd
www.securityfocus.com/archive/1/437658/100/100/threadednvd
www.securityfocus.com/bid/18497nvd
www.vupen.com/english/advisories/2006/2468nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27294nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000