Published: 31/07/2006 Updated: 20/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote malicious users to execute arbitrary SQL commands via the (1) view or (2) start parameters to (a) viewfeedback.php or the (3) orderType parameter to (b) categories.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php pro bid php pro bid 5.24

source: wwwsecurityfocuscom/bid/19158/info PHP Pro Bid is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied input A successful exploit of these vulnerabilities could allow an attacker to compromise the applica ...

source: wwwsecurityfocuscom/bid/19158/info PHP Pro Bid is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied input A successful exploit of these vulnerabilities could allow an attacker to compromise the applicati ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2006-07/0474.html http://www.securityfocus.com/bid/19158 http://www.osvdb.org/27545 http://www.osvdb.org/27546 http://securitytracker.com/id?1016595 http://secunia.com/advisories/21201 http://securityreason.com/securityalert/1298 https://exchange.xforce.ibmcloud.com/vulnerabilities/28032 https://nvd.nist.gov https://www.exploit-db.com/exploits/28276/

CVE-2006-3926

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect