CVE-2006-0973

Phpwebsite - SQL Injection

Title source: rule

Description

SQL injection vulnerability in topics.php in Appalachian State University phpWebSite 0.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by SnIpEr_SA · perlwebappsphp

https://www.exploit-db.com/exploits/1525

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/435009/100/0/threaded

[Exploit] http://www.securityfocus.com/data/vulnerabilities/exploits/phpWebSite-topic-sql-inj.pl

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/16825

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/25799

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/430870/100/0/threaded

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/1525

Scores

EPSS 0.0150

EPSS Percentile 81.2%

Details

Status published

Products (11)

phpwebsite/phpwebsite 0.7.3

phpwebsite/phpwebsite 0.8.2

phpwebsite/phpwebsite 0.8.3

phpwebsite/phpwebsite 0.9.3

phpwebsite/phpwebsite 0.9.3.1

phpwebsite/phpwebsite 0.9.3.2

phpwebsite/phpwebsite 0.9.3.3

phpwebsite/phpwebsite 0.9.3.4

phpwebsite/phpwebsite 0.10

phpwebsite/phpwebsite 0.10.1

... and 1 more

Published Mar 03, 2006

Tracked Since Feb 18, 2026