Unrated severityNVD Advisory· Published Nov 24, 2006· Updated Jun 16, 2026
CVE-2006-6094
CVE-2006-6094
Description
Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) catID parameter to activeNews_categories.asp, the (2) articleID parameter to activeNews_comments.asp, or the (3) query parameter to activenews_search.asp.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:dotnetindex:active_news_manager:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
13- s-a-p.ca/index.phpnvdBroken LinkExploitVendor AdvisoryURL Repurposed
- www.securityfocus.com/archive/1/452015nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/21167nvdExploitThird Party AdvisoryVDB Entry
- secunia.com/advisories/22981nvdVendor Advisory
- securityreason.com/securityalert/1910nvdThird Party Advisory
- marc.infonvdMailing List
- www.aria-security.com/forum/showthread.phpnvdBroken Link
- www.osvdb.org/30518nvdBroken Link
- www.osvdb.org/30519nvdBroken Link
- www.osvdb.org/30520nvdBroken Link
- www.vupen.com/english/advisories/2006/4600nvdNot Applicable
- www.securityfocus.com/archive/1/451884/100/100/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/30352nvd
News mentions
0No linked articles in our index yet.