CVE-2006-4879

2006-09-1921:00:00

mitre

www.cve.org

AI Score

8.4

Confidence

Low

EPSS

0.006

Percentile

79.5%

JSON

SQL injection vulnerability in profile.php in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter.

References

secunia.com/advisories/22014

securityreason.com/securityalert/1607

www.securityfocus.com/archive/1/446318/100/0/threaded

www.securityfocus.com/bid/20061

www.vupen.com/english/advisories/2006/3688