Back to CVE Browser

CVE-2006-7005

HIGH

7.5

CVSS Severity Score

EPSS Score0.1570%

EPSS Percentile23.35th

PublishedFeb 12, 2007

Last ModifiedApr 23, 2026

Vulnerability Description

SQL injection vulnerability in item.php in PSY Auction allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected Platforms (CPE)

📦

Php Script Tools

Psy Auction

All versions

References & Advisories

🔗 http://www.securityfocus.com/bid/17974

🔗 http://www.securityfocus.com/data/vulnerabilities/exploits/PSYAuction-0515-sql-html.txt

🔗 http://www.securityfocus.com/bid/17974

🔗 http://www.securityfocus.com/data/vulnerabilities/exploits/PSYAuction-0515-sql-html.txt

Related Vulnerabilities

CVE-2006-70046.8

Cross-site scripting (XSS) vulnerability in email_request.php in PSY Auction allows remote attackers to inject arbitrary web scrip...

CVE-2006-207710.0

Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact and attack vectors. NOTE: this issue might be related to t...

CVE-2006-207410.0

Unspecified vulnerability in Juniper Networks JUNOSe E-series routers before 7-1-1 has unknown impact and remote attack vectors re...

CVE-2006-218910.0

SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 allows remote attackers to execute arbitrary SQL commands via the...