CVE-2006-0943

Pwsphp - SQL Injection

Title source: rule

Description

SQL injection vulnerability in the sondages module in index.php in PwsPHP 1.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by papipsycho · perlwebappsphp

https://www.exploit-db.com/exploits/1532

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1015684

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/426084/100/0/threaded

[Third Party Advisory] http://securityreason.com/securityalert/496

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/426183/100/0/threaded

[Various Sources] http://www.pwsphp.com/index.php?mod=news&ac=commentaires&id=278

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/0748

Scores

EPSS 0.0108

EPSS Percentile 77.9%

Details

Status published

Products (1)

pwsphp/pwsphp 1.2.3

Published Mar 01, 2006

Tracked Since Feb 18, 2026