返回 CVE 浏览器

CVE-2006-0727

HIGH

7.5

CVSS Severity Score

EPSS Score0.1880%

EPSS Percentile34.88th

Published2006年2月16日

Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis (DFMSA), as used in some environments that use CPG-Nuke Dragonfly CMS, allows remote attackers to trigger path disclosure from a SQL syntax error, and possibly execute arbitrary SQL commands, via certain query data, probably involving the profile name.

Affected Platforms (CPE)

📦

Musox

Df Msanalysis

= 1.0.1

References & Advisories

🔗 http://dragonflycms.org/Forums/viewtopic/t=14751.html

🔗 http://dragonflycms.org/Forums/viewtopic/t=14877/postdays=0/postorder=asc/start=15.html

🔗 http://dragonflycms.org/cvs/html/includes/functions/linking.php?b=9.19.2

🔗 http://dragonflycms.org/cvs/html/includes/functions/linking.php?d=9.23-9.22

🔗 http://www.osvdb.org/23060

🔗 http://www.osvdb.org/23250

🔗 http://www.securityfocus.com/bid/16783

🔗 http://www.vupen.com/english/advisories/2006/0688

相关漏洞威胁

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...