VAR-200602-0209

Vulnerability from variot - Updated: 2025-04-03 22:32

SQL injection vulnerability in member_login.php in PHP Classifieds 6.18 through 6.20 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter, which is used by the E-mail address field, and (2) password parameter. A SQL injection vulnerability exists in PHP Classifieds 6.18 to 6.20 member_login.php. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. An attacker can exploit this issue to bypass the authentication mechanism and gain access as an arbitrary user.

TITLE: PHP Classifieds "member_login.php" SQL Injection

SECUNIA ADVISORY ID: SA18881

VERIFY ADVISORY: http://secunia.com/advisories/18881/

CRITICAL: Moderately critical

IMPACT: Manipulation of data

WHERE: From remote

SOFTWARE: PHP Classifieds 6.x http://secunia.com/product/8084/

DESCRIPTION: Audun Larsen has reported a vulnerability in PHP Classifieds, which can be exploited by malicious people to conduct SQL injection attacks. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation allows bypassing of login authentication but requires that the username is known and "magic_quotes_gpc" is disabled.

The vulnerability has been reported in version 6.20 with member_login.php dated before 2006-02-14. Prior versions may also be affected.

SOLUTION: Apply patch. http://www.deltascripts.com/download/

PROVIDED AND/OR DISCOVERED BY: Audun Larsen





{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200602-0209",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "php classifieds",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "deltascripts",
        "version": "6.20"
      },
      {
        "model": "php classifieds",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "deltascripts",
        "version": "6.19"
      },
      {
        "model": "php classifieds",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "deltascripts",
        "version": "6.18"
      },
      {
        "model": "classifieds deltascripts",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "php",
        "version": "6.20"
      },
      {
        "model": "classifieds deltascripts",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "php",
        "version": "6.19"
      },
      {
        "model": "classifieds deltascripts",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "php",
        "version": "6.18"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2006-0877"
      },
      {
        "db": "BID",
        "id": "16642"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200602-231"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0719"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Audun Larsen is credited with the discovery of this vulnerability.",
    "sources": [
      {
        "db": "BID",
        "id": "16642"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200602-231"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2006-0719",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2006-0719",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2006-0877",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-0719",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2006-0877",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200602-231",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2006-0877"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200602-231"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0719"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SQL injection vulnerability in member_login.php in PHP Classifieds 6.18 through 6.20 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter, which is used by the E-mail address field, and (2) password parameter. A SQL injection vulnerability exists in PHP Classifieds 6.18 to 6.20 member_login.php. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. \nSuccessful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. An attacker can exploit this issue to bypass the authentication mechanism and gain access as an arbitrary user. \n\nTITLE:\nPHP Classifieds \"member_login.php\" SQL Injection\n\nSECUNIA ADVISORY ID:\nSA18881\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/18881/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nManipulation of data\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nPHP Classifieds 6.x\nhttp://secunia.com/product/8084/\n\nDESCRIPTION:\nAudun Larsen has reported a vulnerability in PHP Classifieds, which\ncan be exploited by malicious people to conduct SQL injection\nattacks. This can be exploited to manipulate SQL queries by injecting\narbitrary SQL code. \n\nSuccessful exploitation allows bypassing of login authentication but\nrequires that the username is known and \"magic_quotes_gpc\" is\ndisabled. \n\nThe vulnerability has been reported in version 6.20 with\nmember_login.php dated before 2006-02-14. Prior versions may also be\naffected. \n\nSOLUTION:\nApply patch. \nhttp://www.deltascripts.com/download/\n\nPROVIDED AND/OR DISCOVERED BY:\nAudun Larsen\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-0719"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2006-0877"
      },
      {
        "db": "BID",
        "id": "16642"
      },
      {
        "db": "PACKETSTORM",
        "id": "43873"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "16642",
        "trust": 2.5
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0719",
        "trust": 2.2
      },
      {
        "db": "SECUNIA",
        "id": "18881",
        "trust": 1.7
      },
      {
        "db": "SREASON",
        "id": "424",
        "trust": 1.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-0600",
        "trust": 1.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2006-0877",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20060214 SQL INJECTION IN PHP CLASSIFIEDS 6.20",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200602-231",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "43873",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2006-0877"
      },
      {
        "db": "BID",
        "id": "16642"
      },
      {
        "db": "PACKETSTORM",
        "id": "43873"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200602-231"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0719"
      }
    ]
  },
  "id": "VAR-200602-0209",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2006-0877"
      }
    ],
    "trust": 1.35
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2006-0877"
      }
    ]
  },
  "last_update_date": "2025-04-03T22:32:59.379000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-0719"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "http://www.securityfocus.com/bid/16642"
      },
      {
        "trust": 1.6,
        "url": "http://www.deltascripts.com/board/viewtopic.php?id=7234"
      },
      {
        "trust": 1.6,
        "url": "http://securityreason.com/securityalert/424"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/18881"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2006/0600"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/archive/1/424955/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/424955/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/0600"
      },
      {
        "trust": 0.3,
        "url": "http://www.deltascripts.com/phpclassifieds"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/424955"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.deltascripts.com/download/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/18881/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/8084/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2006-0877"
      },
      {
        "db": "BID",
        "id": "16642"
      },
      {
        "db": "PACKETSTORM",
        "id": "43873"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200602-231"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0719"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2006-0877"
      },
      {
        "db": "BID",
        "id": "16642"
      },
      {
        "db": "PACKETSTORM",
        "id": "43873"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200602-231"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0719"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-02-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2006-0877"
      },
      {
        "date": "2006-02-14T00:00:00",
        "db": "BID",
        "id": "16642"
      },
      {
        "date": "2006-02-15T18:37:35",
        "db": "PACKETSTORM",
        "id": "43873"
      },
      {
        "date": "2006-02-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200602-231"
      },
      {
        "date": "2006-02-15T22:06:00",
        "db": "NVD",
        "id": "CVE-2006-0719"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-02-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2006-0877"
      },
      {
        "date": "2006-02-15T16:07:00",
        "db": "BID",
        "id": "16642"
      },
      {
        "date": "2006-02-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200602-231"
      },
      {
        "date": "2025-04-03T01:03:51.193000",
        "db": "NVD",
        "id": "CVE-2006-0719"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200602-231"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "DeltaScripts PHP Classifieds Member_Login.PHP SQL Injection Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2006-0877"
      },
      {
        "db": "BID",
        "id": "16642"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200602-231"
      }
    ],
    "trust": 1.5
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "sql injection",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "43873"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200602-231"
      }
    ],
    "trust": 0.7
  }
}

