CVE-2006-2826

HIGH

7.5

CVSS Severity Score

EPSS Score0.1860%

EPSS Percentile38.15th

Published2006年6月5日

Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in sessions.inc in PHP Base Library (PHPLib) before 7.4a allows remote attackers to execute arbitrary SQL commands via the id variable, which is set by a client through a query string or a cookie.

Affected Platforms (CPE)

📦

Phplib Team

Phplib

= 7.4

📦

Phplib Team

Phplib

= 7.4_pre2

References & Advisories

🔗 http://secunia.com/advisories/16902

🔗 http://securitytracker.com/id?1016123

🔗 http://sourceforge.net/project/shownotes.php?group_id=31885&release_id=396091

🔗 http://www.gulftech.org/?node=research&article_id=00107-03052006

🔗 http://www.osvdb.org/23466

🔗 http://www.securityfocus.com/bid/16801

🔗 http://www.vupen.com/english/advisories/2006/0720

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/24873

Vulnerability Description

Affected Platforms (CPE)

Phplib

Phplib

References & Advisories

関連する脆弱性情報