CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-3525

SQL injection vulnerability in category.php in PHCDownload 1.0.0 Final and 1.0.0 Release Candidate 6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://pridels0.blogspot.com/2006/06/phcdownload-sql-injection-vuln.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/27238
http://pridels0.blogspot.com/2006/06/phcdownload-sql-injection-vuln.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/27238

Products affected by CVE-2006-3525

Phpcredo » Phcdownload » Version: Any

cpe:2.3:a:phpcredo:phcdownload:*
Phpcredo » Phcdownload » Version: 1.0.0_final

cpe:2.3:a:phpcredo:phcdownload:1.0.0_final

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3525

Products

Pricing

Contact Us