Back to search
CVE-2006-0775
Published: Feb 19, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in show.php in BirthSys 3.1 allow remote attackers to execute arbitrary SQL commands via the $month variable. NOTE: a vector regarding the $date parameter and data.php (date.php) was originally reported, but this appears to be in error.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
23185
vdb-entry
x_refsource_OSVDB
ADV-2006-0621
vdb-entry
x_refsource_VUPEN
birthsys-show-date-sql-injection(24617)
vdb-entry
x_refsource_XF
467
third-party-advisory
x_refsource_SREASON
20060215 EV0074 BirthSys 3.1 SQL injection (fwd)
mailing-list
x_refsource_VIM
http://www.evuln.com/vulns/74/summary.html
x_refsource_MISC
18893
third-party-advisory
x_refsource_SECUNIA
16684
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now