CVE-2006-5765

Article Script < 1.6.3 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in rss.php in Article Script 1.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Liz0ziM · textwebappsphp

https://www.exploit-db.com/exploits/2728

View Code ZIP pw:eip

References (7)

Core 7

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/20929

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/22698

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/4352

Exploit mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/450678

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/30038

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/1826

Exploit, URL Repurposed x_refsource_misc

http://www.blogcu.com/Liz0ziM/1312100

Scores

EPSS 0.0143

EPSS Percentile 80.8%

Details

Status published

Products (1)

article_script/article_script < 1.6.3

Published Nov 06, 2006

Tracked Since Feb 18, 2026