CyberSec.Space Logo
Back to CVE Browser

CVE-2006-5926

HIGH
7.5
CVSS Severity Score
EPSS Score0.1520%
EPSS Percentile39.73th
PublishedNov 16, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple SQL injection vulnerabilities in mail.php in Vallheru before 1.0.7 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) to parameters. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

πŸ“¦
Vallheru

Vallheru

= 1.0.6

References & Advisories

πŸ”— http://secunia.com/advisories/22812
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=463228
πŸ”— http://vallheru.svn.sourceforge.net/viewvc/vallheru/vallheru/mail.php?r1=782&r2=781&pathrev=782
πŸ”— http://www.securityfocus.com/bid/21051
πŸ”— http://www.vupen.com/english/advisories/2006/4493
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/30255
πŸ”— http://secunia.com/advisories/22812
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=463228

Related Vulnerabilities

CVE-2007-140810.0

Multiple vulnerabilities in (1) bank.php, (2) landfill.php, (3) outposts.php, (4) tribes.php, (5) house.php, (6) tribearmor.php, (...

CVE-2006-446110.0

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the pr...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2006-254710.0

Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to ex...