CVE-2006-6542

Fantastic News <2.1.4 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in news.php in Fantastic News 2.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Bl0od3r · perlwebappsphp
https://www.exploit-db.com/exploits/2906

References (3)

Scores

EPSS 0.0112
EPSS Percentile 78.3%

Details

Status published
Products (1)
fantastic_news/fantastic_news < 2.1.4
Published Dec 14, 2006
Tracked Since Feb 18, 2026