CyberSec.Space Logo
Back to CVE Browser

CVE-2006-0563

HIGH
7.5
CVSS Severity Score
EPSS Score0.0540%
EPSS Percentile33.90th
PublishedFeb 6, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in exec.php in PluggedOut Blog 1.9.9c allows remote attackers to execute arbitrary SQL commands via the entryid parameter in a comment_add action.

Affected Platforms (CPE)

πŸ“¦
Pluggedout

Pluggedout Blog

= 1.9.9c

References & Advisories

πŸ”— http://attrition.org/pipermail/vim/2006-February/000531.html
πŸ”— http://hamid.ir/security/pluggedoutblog.txt
πŸ”— http://secunia.com/advisories/18726
πŸ”— http://securityreason.com/securityalert/415
πŸ”— http://securitytracker.com/id?1015586
πŸ”— http://www.osvdb.org/22926
πŸ”— http://www.securityfocus.com/archive/1/423948/100/0/threaded
πŸ”— http://www.vupen.com/english/advisories/2006/0440

Related Vulnerabilities

CVE-2005-40547.5

SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL com...

CVE-2006-05624.3

Cross-site scripting (XSS) vulnerability in problem.php in PluggedOut Blog 1.9.9c allows remote attackers to inject arbitrary web ...

CVE-2006-446110.0

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the pr...

CVE-2006-502510.0

Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.2 have unknown impact and attack ve...