VYPR
Unrated severityNVD Advisory· Published Dec 31, 2006· Updated Jun 16, 2026

CVE-2006-6828

CVE-2006-6828

Description

Multiple SQL injection vulnerabilities in Efkan Forum 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the grup parameter in admin.asp, or the id parameter in (2) default.asp or (3) admin.asp. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. The default.asp/grup vector is already covered by CVE-2006-6794.

Affected products

2
  • Efkan/Forum2 versions
    cpe:2.3:a:efkan_forum:efkan_forum:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:efkan_forum:efkan_forum:*:*:*:*:*:*:*:*range: <=1.0
    • (no CPE)range: <=1.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.