CVE-2006-2826

HIGH

7.5

CVSS Severity Score

EPSS Score0.1860%

EPSS Percentile38.15th

PublishedJun 5, 2006

Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in sessions.inc in PHP Base Library (PHPLib) before 7.4a allows remote attackers to execute arbitrary SQL commands via the id variable, which is set by a client through a query string or a cookie.

Affected Platforms (CPE)

📦

Phplib Team

Phplib

= 7.4

📦

Phplib Team

Phplib

= 7.4_pre2

References & Advisories

🔗 http://secunia.com/advisories/16902

🔗 http://securitytracker.com/id?1016123

🔗 http://sourceforge.net/project/shownotes.php?group_id=31885&release_id=396091

🔗 http://www.gulftech.org/?node=research&article_id=00107-03052006

🔗 http://www.osvdb.org/23466

🔗 http://www.securityfocus.com/bid/16801

🔗 http://www.vupen.com/english/advisories/2006/0720

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/24873

Vulnerability Description

Affected Platforms (CPE)

Phplib

Phplib

References & Advisories

Related Vulnerabilities