CVE-2006-0759

Hivemail - SQL Injection

Title source: rule

Description

Multiple SQL injection vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the contactgroupid parameter in addressbook.update.php, (2) the messageid parameter in addressbook.add.php, (3) the folderid parameter in folders.update.php, and possibly certain parameters in (4) calendar.event.php, (5) index.php, (6) pop.download.php, (7) read.bounce.php, (8) rules.block.php, (9) language.php, and (10) certain other scripts; and allow remote authenticated users to execute arbitrary SQL commands via (11) the folderid parameter in index.php and (12) possibly other parameters in certain other scripts, because $_SERVER['PHP_SELF'] is improperly handled.

Exploits (1)

exploitdb WORKING POC VERIFIED

by [Oo] · perlwebappsphp

https://www.exploit-db.com/exploits/1756

View Code ZIP pw:eip

References (8)

[Various Sources] http://forum.hivemail.com/showthread.php?p=26745

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/16591

[Third Party Advisory] http://securityreason.com/securityalert/422

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/0527

[Vendor Advisory] http://archives.neohapsis.com/archives/bugtraq/2006-02/0162.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/24623

[Vendor Advisory] http://www.gulftech.org/?node=research&article_id=00098-02102006

[Third Party Advisory] http://secunia.com/advisories/18807

Scores

EPSS 0.0164

EPSS Percentile 82.0%

Details

Status published

Products (10)

hivemail/hivemail 1.1

hivemail/hivemail 1.1.1

hivemail/hivemail 1.2

hivemail/hivemail 1.2.1_beta1

hivemail/hivemail 1.2.1_rc

hivemail/hivemail 1.2.2

hivemail/hivemail 1.2_sp1

hivemail/hivemail 1.3

hivemail/hivemail 1.3_beta1

hivemail/hivemail 1.3_rc1

Published Feb 18, 2006

Tracked Since Feb 18, 2026