CyberSec.Space Logo
Back to CVE Browser

CVE-2006-0728

HIGH
7.5
CVSS Severity Score
EPSS Score0.1950%
EPSS Percentile44.25th
PublishedFeb 16, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in search.php in webSPELL 4.01.00 and earlier allows remote attackers to inject arbitrary SQL commands via the title_op parameter.

Affected Platforms (CPE)

πŸ“¦
Webspell

Webspell

<= 4.01.00

References & Advisories

πŸ”— http://secunia.com/advisories/18885
πŸ”— http://www.securityfocus.com/bid/16673
πŸ”— http://www.vupen.com/english/advisories/2006/0606
πŸ”— http://www.webspell.org/index.php?site=news_comments&newsID=49&lang=en
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/24708
πŸ”— http://secunia.com/advisories/18885
πŸ”— http://www.securityfocus.com/bid/16673
πŸ”— http://www.vupen.com/english/advisories/2006/0606

Related Vulnerabilities

CVE-2007-116010.0

webSPELL 4.0, and possibly later versions, allows remote attackers to bypass authentication via a ws_auth cookie, a different vuln...

CVE-2007-04927.5

Multiple SQL injection vulnerabilities in gallery.php in webSPELL 4.01.02 and earlier allow remote attackers to execute arbitrary ...

CVE-2006-53887.5

SQL injection vulnerability in index.php in WebSPELL 4.01.01 and earlier allows remote attackers to execute arbitrary SQL commands...

CVE-2007-05027.5

SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote attackers to execute arbitrary SQL commands via the p...