CVE-2006-1954

SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka NFec) RechnungsZentrale V2 1.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the User field.
Configurations

Configuration 1 (hide)

cpe:2.3:a:nfec.de:rechnungszentrale:v2_1.1.3:*:*:*:*:*:*:*

History

21 Nov 2024, 00:10

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2006-04/0384.html - () http://archives.neohapsis.com/archives/bugtraq/2006-04/0384.html -
References () http://secunia.com/advisories/19728 - () http://secunia.com/advisories/19728 -
References () http://www.g-0.org/code/rz2-adv.html - Exploit, URL Repurposed () http://www.g-0.org/code/rz2-adv.html - Exploit, URL Repurposed
References () http://www.osvdb.org/24752 - () http://www.osvdb.org/24752 -
References () http://www.securityfocus.com/bid/17588 - Exploit () http://www.securityfocus.com/bid/17588 - Exploit
References () http://www.vupen.com/english/advisories/2006/1425 - () http://www.vupen.com/english/advisories/2006/1425 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/25911 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/25911 -
References () https://www.exploit-db.com/exploits/1699 - () https://www.exploit-db.com/exploits/1699 -

14 Feb 2024, 01:17

Type Values Removed Values Added
References () http://www.g-0.org/code/rz2-adv.html - Exploit () http://www.g-0.org/code/rz2-adv.html - Exploit, URL Repurposed

Information

Published : 2006-04-21 10:02

Updated : 2025-04-03 01:03


NVD link : CVE-2006-1954

Mitre link : CVE-2006-1954

CVE.ORG link : CVE-2006-1954


JSON object : View

Products Affected

nfec.de

  • rechnungszentrale