{ "schema_version": "1.4.0", "id": "GHSA-vpmp-5444-6g95", "modified": "2022-05-01T07:20:19Z", "published": "2022-05-01T07:20:19Z", "aliases": [ "CVE-2006-4606" ], "details": "Multiple SQL injection vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) id_temas parameter in busqueda_tema.php, the (2) cadena parameter in busqueda.php, the (3) id_autor parameter in autor.php, the (4) email parameter in lista.php, and the (5) id_articulo parameter in articulo.php.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4606" }, { "type": "WEB", "url": "https://www.exploit-db.com/exploits/3538" }, { "type": "WEB", "url": "https://www.exploit-db.com/exploits/8425" }, { "type": "WEB", "url": "http://secunia.com/advisories/21738" }, { "type": "WEB", "url": "http://securityreason.com/securityalert/1499" }, { "type": "WEB", "url": "http://www.attrition.org/pipermail/vim/2009-April/002167.html" }, { "type": "WEB", "url": "http://www.osvdb.org/28445" }, { "type": "WEB", "url": "http://www.osvdb.org/28446" }, { "type": "WEB", "url": "http://www.osvdb.org/28447" }, { "type": "WEB", "url": "http://www.osvdb.org/28448" }, { "type": "WEB", "url": "http://www.osvdb.org/28451" }, { "type": "WEB", "url": "http://www.osvdb.org/28452" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/445007/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/502637/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/19818" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/23079" } ], "database_specific": { "cwe_ids": [], "severity": "HIGH", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2006-09-07T00:04:00Z" } }