Vulnerability Database

290,278

Total vulnerabilities in the database

CVE-2006-1766

Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) getlang and (2) reporeid parameter in (a) index.php, (3) menuid parameter in (b) plugin.php and (c) forumthread.php, and (4) msgid parameter in forumthread.php.

  • Published: Apr 13, 2006
  • Updated: Apr 13, 2023
  • CVE: CVE-2006-1766
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.4
  • AV:N/AC:L/Au:N/C:N/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
papoo / papoo 2.1.2 2.1.2.x
papoo / papoo 2.1.4 2.1.4.x
papoo / papoo - 3_beta1.x
papoo / papoo 2.1.5 2.1.5.x