CVE-2006-6038
published 2006-11-22CVE-2006-6038: SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pForum) 1.29a and earlier allows remote attackers to execute arbitrary SQL commands via the…
PriorityP338high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.20%
64.4th percentile
SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pForum) 1.29a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| powie | pforum | <= 1.29a | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Powie pForum 1.29a editpoll.php ID sql injection (EDB-2797 / XFDB-30359)
vuldb·2026-04-28·CVSS 7.5
CVE-2006-6038 [HIGH] Powie pForum 1.29a editpoll.php ID sql injection (EDB-2797 / XFDB-30359)
A vulnerability classified as critical has been found in Powie pForum 1.29a. Affected by this issue is some unknown functionality of the file editpoll.php. Performing a manipulation of the argument ID results in sql injection.
This vulnerability is known as CVE-2006-6038. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
GHSA
GHSA-764v-fcr7-7g49: SQL injection vulnerability in editpoll
ghsa_unreviewed·2022-05-01
CVE-2006-6038 [HIGH] CWE-89 GHSA-764v-fcr7-7g49: SQL injection vulnerability in editpoll
SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pForum) 1.29a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/22964http://www.securityfocus.com/bid/21144http://www.vupen.com/english/advisories/2006/4607https://exchange.xforce.ibmcloud.com/vulnerabilities/30359https://www.exploit-db.com/exploits/2797http://secunia.com/advisories/22964http://www.securityfocus.com/bid/21144http://www.vupen.com/english/advisories/2006/4607https://exchange.xforce.ibmcloud.com/vulnerabilities/30359https://www.exploit-db.com/exploits/2797
2006-11-22
Published