CVE-2006-4114

Phpmyring < 4.2 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in view_com.php in Nicolas Grandjean PHPMyRing 4.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idsite parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by simo64 · perlwebappsphp

https://www.exploit-db.com/exploits/2159

View Code ZIP pw:eip

References (10)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/442808/100/100/threaded

[Exploit, Vendor Advisory] http://secunia.com/advisories/21451

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2159

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2006-08/0184.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/28318

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1016686

[Exploit] http://www.securityfocus.com/bid/19456

[Various Sources] http://www.morx.org/ring.txt

[Third Party Advisory, VDB Entry] http://www.osvdb.org/27881

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/3238

Scores

EPSS 0.0266

EPSS Percentile 85.8%

Details

Status published

Products (1)

phpmyring/phpmyring < 4.2

Published Aug 14, 2006

Tracked Since Feb 18, 2026