CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-7088

Multiple SQL injection vulnerabilities in Simple PHP Forum before 0.4 allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) logon_user.php and (2) update_profile.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://sourceforge.net/project/shownotes.php?release_id=462654
http://www.vupen.com/english/advisories/2006/4496
https://exchange.xforce.ibmcloud.com/vulnerabilities/30252
http://sourceforge.net/project/shownotes.php?release_id=462654
http://www.vupen.com/english/advisories/2006/4496
https://exchange.xforce.ibmcloud.com/vulnerabilities/30252

Products affected by CVE-2006-7088

Simple Php Forum » Simple Php Forum » Version: 0.1

cpe:2.3:a:simple_php_forum:simple_php_forum:0.1
Simple Php Forum » Simple Php Forum » Version: 0.2

cpe:2.3:a:simple_php_forum:simple_php_forum:0.2
Simple Php Forum » Simple Php Forum » Version: 0.3

cpe:2.3:a:simple_php_forum:simple_php_forum:0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-7088

Products

Pricing

Contact Us