Vulnerabilities > CVE-2006-6216 - SQL Injection vulnerability in Nivisec Hacks List HACK_ID

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

nivisec

exploit available

NVD

Published: 2006-12-01

Updated: 2017-10-19

Summary

SQL injection vulnerability in admin_hacks_list.php in the Nivisec Hacks List 1.21 and earlier phpBB module allows remote attackers to execute arbitrary SQL commands via the hack_id parameter.

Vulnerable Configurations

Part	Description	Count
Application	Nivisec Nivisec Hacks List *	1

Exploit-Db

description	Hacks List phpBB Mod <= 1.21 Remote SQL Injection Vulnerability. CVE-2006-6216. Webapps exploit for php platform
file	exploits/php/webapps/2851.txt
id	EDB-ID:2851
last seen	2016-01-31
modified	2006-11-26
platform	php
port
published	2006-11-26
reporter	the master
source	https://www.exploit-db.com/download/2851/
title	Hacks List phpBB Mod <= 1.21 - Remote SQL Injection Vulnerability
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References