Vulnerabilities > CVE-2006-7101 - Unspecified vulnerability in PHPwind
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN phpwind
exploit available
Summary
SQL injection vulnerability in admin.php in PHPWind 5.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the AdminUser cookie.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | PHPWind <= 5.0.1 (AdminUser) Remote Blind SQL Injection Exploit. CVE-2006-7101. Webapps exploit for php platform |
| file | exploits/php/webapps/2759.php |
| id | EDB-ID:2759 |
| last seen | 2016-01-31 |
| modified | 2006-11-12 |
| platform | php |
| port | |
| published | 2006-11-12 |
| reporter | rgod |
| source | https://www.exploit-db.com/download/2759/ |
| title | PHPWind <= 5.0.1 AdminUser Remote Blind SQL Injection Exploit |
| type | webapps |
References
- http://secunia.com/advisories/22846
- http://www.vupen.com/english/advisories/2006/4462
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30184
- https://www.exploit-db.com/exploits/2759
- http://secunia.com/advisories/22846
- https://www.exploit-db.com/exploits/2759
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30184
- http://www.vupen.com/english/advisories/2006/4462