Unrated severityNVD Advisory· Published Nov 24, 2006· Updated Apr 23, 2026
CVE-2006-6094
CVE-2006-6094
Description
Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) catID parameter to activeNews_categories.asp, the (2) articleID parameter to activeNews_comments.asp, or the (3) query parameter to activenews_search.asp.
Affected products
1- cpe:2.3:a:dotnetindex:active_news_manager:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- s-a-p.ca/index.phpnvdBroken LinkExploitVendor AdvisoryURL Repurposed
- www.securityfocus.com/archive/1/452015nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/21167nvdExploitThird Party AdvisoryVDB Entry
- secunia.com/advisories/22981nvdVendor Advisory
- securityreason.com/securityalert/1910nvdThird Party Advisory
- marc.infonvdMailing List
- www.aria-security.com/forum/showthread.phpnvdBroken Link
- www.osvdb.org/30518nvdBroken Link
- www.osvdb.org/30519nvdBroken Link
- www.osvdb.org/30520nvdBroken Link
- www.vupen.com/english/advisories/2006/4600nvdNot Applicable
- www.securityfocus.com/archive/1/451884/100/100/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/30352nvd
News mentions
0No linked articles in our index yet.