Vulnerabilities > CVE-2006-0719 - SQL Injection vulnerability in Deltascripts PHP Classifieds 6.18/6.19/6.20

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
deltascripts
exploit available
NVD
Published: 2006-02-15
Updated: 2018-10-19

Summary

SQL injection vulnerability in member_login.php in PHP Classifieds 6.18 through 6.20 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter, which is used by the E-mail address field, and (2) password parameter.

Vulnerable Configurations

Part Description Count
Application
Deltascripts
3

Exploit-Db

descriptionDeltaScripts PHP Classifieds 6.20 Member_Login.PHP SQL Injection Vulnerability. CVE-2006-0719. Webapps exploit for php platform
idEDB-ID:27214
last seen2016-02-03
modified2006-02-14
published2006-02-14
reporterAudun Larsen
sourcehttps://www.exploit-db.com/download/27214/
titleDeltaScripts PHP Classifieds 6.20 Member_Login.PHP SQL Injection Vulnerability

References