CVE-2006-5732

Tgs Cms < 0.1.7 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the myauthorid cookie.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kacper · phpwebappsphp

https://www.exploit-db.com/exploits/2694

View Code ZIP pw:eip

References (5)

[Product] http://sourceforge.net/project/shownotes.php?release_id=464660&group_id=173946

[Exploit] http://www.securityfocus.com/bid/20850

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/29941

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2694

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/4667

Scores

EPSS 0.0071

EPSS Percentile 72.3%

Details

Status published

Products (1)

tgs_cms/tgs_cms < 0.1.7

Published Nov 06, 2006

Tracked Since Feb 18, 2026