CVE-2006-6912

phpmyfaq < 1.6.7 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6912. PoCs published by elgCrew.

AI-analyzed exploit summary: This exploit leverages SQL injection in phpMyFAQ < 1.6.8 to upload a malicious PHP file via the attachment feature, achieving remote command execution. The payload is embedded in a crafted SQL query and uploaded to the server, then executed via a direct request.

Description

SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by elgCrew · php · webapps · php
https://www.exploit-db.com/exploits/3393

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: phpMyFAQ < 1.6.8
No auth needed
Prerequisites: Target must be running phpMyFAQ < 1.6.8 · Admin attachment feature must be accessible
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Various Sources x_refsource_confirm
http://www.phpmyfaq.de/advisory_2006-12-15.php
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23651
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0077
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32802
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21944

Scores

EPSS 0.0099
EPSS Percentile 58.0%

Details

CWE: CWE-89
Status: published
Products (1): phpmyfaq/phpmyfaq < 1.6.7
Published: Dec 31, 2006
Tracked Since: Feb 18, 2026