[原文]** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a duplicate of a SiteSuite issue that was also assigned CVE-2006-0158. Notes: All CVE users should consult CVE-2006-0992 and CVE-2006-0158 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage.
SiteSuite CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'page' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.