CVE-2006-3318
Summary
| CVE | CVE-2006-3318 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-06-29 21:05:00 UTC |
| Updated | 2018-10-18 16:46:00 UTC |
| Description | SQL injection vulnerability in register.php for phpRaid 3.0.6 and possibly other versions, when the authorization type is phpraid, allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) email parameters. |
Risk And Classification
Problem Types: CWE-89
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityReason - phpRaid SQL Injection and File InclusionVulnerabilities | SREASON | securityreason.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Secunia - Advisories - phpRaid SQL Injection and File Inclusion Vulnerabilities | SECUNIA | secunia.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| phpRaid SQL Injection and File Inclusion Vulnerabilities - Secunia Research - Secunia | MISC | secunia.com | Vendor Advisory |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.