CVE-2006-1811
CVSS 6.4 - MEDIUM
Description
Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) forumid, or (3) threadid parameter to index.php; the (4) ICQ, (5) AIM, (6) MSN, (7) Google Talk, (8) Website Name, (9) Website Address, (10) Email Address, (11) Location, (12) Signature, and (13) Sub-Titles fields in the user profile; or (14) flexbb_password field in a cookie.
Affected Products
1| Vendor | Product | Version |
|---|---|---|
| flexbb | flexbb |
0.5.5_beta
|
References
Weakness Types
NVD-CWE-Other
CVE Information
- CVE ID:
CVE-2006-1811- Published:
- 2006-04-18
- Modified:
- 2026-04-16
- CVSS Score:
- 6.4
- Severity:
- MEDIUM
- Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:N
Affected Vendors
flexbb
Quick Actions
CVSS Severity Scale
0.0 - 3.9
LOW
4.0 - 6.9
MEDIUM
7.0 - 8.9
HIGH
9.0 - 10.0
CRITICAL