Vulnerabilities > CVE-2006-1954 - Unspecified vulnerability in Nfec.De Rechnungszentrale V21.1.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN nfec-de
exploit available
Summary
SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka NFec) RechnungsZentrale V2 1.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the User field.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description RechnungsZentrale V2 1.1.3 Authent.PHP4 SQL Injection Vulnerability. CVE-2006-1954. Webapps exploit for php platform id EDB-ID:27674 last seen 2016-02-03 modified 2006-04-18 published 2006-04-18 reporter GroundZero Security source https://www.exploit-db.com/download/27674/ title RechnungsZentrale 2 1.1.3 - Authent.PHP4 SQL Injection Vulnerability id EDB-ID:1699
References
- http://archives.neohapsis.com/archives/bugtraq/2006-04/0384.html
- http://archives.neohapsis.com/archives/bugtraq/2006-04/0384.html
- http://secunia.com/advisories/19728
- http://secunia.com/advisories/19728
- http://www.g-0.org/code/rz2-adv.html
- http://www.g-0.org/code/rz2-adv.html
- http://www.osvdb.org/24752
- http://www.osvdb.org/24752
- http://www.securityfocus.com/bid/17588
- http://www.securityfocus.com/bid/17588
- http://www.vupen.com/english/advisories/2006/1425
- http://www.vupen.com/english/advisories/2006/1425
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25911
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25911
- https://www.exploit-db.com/exploits/1699
- https://www.exploit-db.com/exploits/1699