CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2006-3346

HIGH
7.5
CVSS Severity Score
EPSS Score0.1030%
EPSS Percentile42.69th
Published2006年7月3日
Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in tree.php in MyNewsGroups 0.6 allows remote attackers to execute arbitrary SQL commands via the grp_id parameter.

Affected Platforms (CPE)

📦
Carlos Sanchez Valle

Mynewsgroups

= 0.6

References & Advisories

🔗 http://secunia.com/advisories/20915
🔗 http://securityreason.com/securityalert/1182
🔗 http://www.securityfocus.com/archive/1/438814/100/0/threaded
🔗 http://www.securityfocus.com/bid/18757
🔗 http://www.vupen.com/english/advisories/2006/2629
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/27492
🔗 http://secunia.com/advisories/20915
🔗 http://securityreason.com/securityalert/1182

相關漏洞威脅

CVE-2007-232510.0

PHP remote file inclusion vulnerability in include.php in MyNewsGroups :) allows remote attackers to execute arbitrary PHP code vi...

CVE-2006-39667.5

PHP remote file inclusion vulnerability in /lib/tree/layersmenu.inc.php in the PHP Layers Menu 2.3.5 package for MyNewsGroups :) 0...

CVE-2002-18534.3

Cross-site scripting (XSS) vulnerability in MyNewsGroups 0.4 and 0.4.1 allows remote attackers to inject arbitrary web script or H...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...