CyberSec.Space Logo
Back to CVE Browser

CVE-2006-0716

HIGH
7.5
CVSS Severity Score
EPSS Score0.0860%
EPSS Percentile8.25th
PublishedFeb 15, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in index.php in sNews 1.3 allows remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters.

Affected Platforms (CPE)

πŸ“¦
Solucija

Snews

= 1.3

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0297.html
πŸ”— http://securityreason.com/securityalert/431
πŸ”— http://www.securityfocus.com/archive/1/424958/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/16647
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/24675
πŸ”— http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0297.html
πŸ”— http://securityreason.com/securityalert/431
πŸ”— http://www.securityfocus.com/archive/1/424958/100/0/threaded

Related Vulnerabilities

CVE-2007-026110.0

snews.php in sNews 1.5.30 and earlier does not properly exit when authentication fails, which allows remote attackers to perform u...

CVE-2016-200529.8

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files i...

CVE-2007-48419.3

Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrar...

CVE-2007-40427.5

Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NUL...