CVE-2006-2139

2006-05-0210:00:00

mitre

www.cve.org

AI Score

8.6

Confidence

Low

EPSS

0.006

Percentile

78.9%

JSON

Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to (a) deltables.php, (2) select, (3) header, (4) url, (5) source, or (6) time parameters to (b) manualsubmit.php, (7) num parameter to © delete.php, or (8) tablename parameter to (d) searchnews.php.

References

evuln.com/vulns/129/summary.html

secunia.com/advisories/19904

www.osvdb.org/25132

www.osvdb.org/25133

www.osvdb.org/25134

www.osvdb.org/25135

www.securityfocus.com/bid/17757

www.vupen.com/english/advisories/2006/1574

exchange.xforce.ibmcloud.com/vulnerabilities/26205