Vulnerabilities > CVE-2006-2065 - SQL Injection vulnerability in PHPSurveyor SurveyID Parameter
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in save.php in PHPSurveyor 0.995 and earlier allows remote attackers to execute arbitrary SQL commands via the surveyid cookie. NOTE: this issue could be leveraged to execute arbitrary PHP code, as demonstrated by inserting directory traversal sequences into the database, which are then processed by the thissurvey['language'] variable.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |
Exploit-Db
| description | PHPSurveyor <= 0.995 (surveyid) Remote Command Execution Exploit. CVE-2006-2065. Webapps exploit for php platform |
| id | EDB-ID:1701 |
| last seen | 2016-01-31 |
| modified | 2006-04-20 |
| published | 2006-04-20 |
| reporter | rgod |
| source | https://www.exploit-db.com/download/1701/ |
| title | PHPSurveyor <= 0.995 surveyid Remote Command Execution Exploit |
References
- http://retrogod.altervista.org/phpsurveyor_0995_xpl.html
- http://secunia.com/advisories/19761
- http://securitytracker.com/id?1015970
- http://www.osvdb.org/24787
- http://www.securityfocus.com/archive/1/431508/100/0/threaded
- http://www.securityfocus.com/bid/17633
- http://www.vupen.com/english/advisories/2006/1451
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25970