Unrated severityNVD Advisory· Published Mar 28, 2006· Updated Apr 16, 2026

CVE-2006-1426

Description

Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the (1) date parameter in index.php or bypass authentication via the (2) password parameter in admin/index.php.

Affected products

Pixel Motion/Pixel Motion Blog
cpe:2.3:a:pixel_motion:pixel_motion_blog:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19421nvdExploitVendor Advisory
www.securityfocus.com/bid/17260nvdExploit
www.osvdb.org/24168nvd
www.osvdb.org/24169nvd
www.securityfocus.com/archive/1/428964/100/0/threadednvd
www.vupen.com/english/advisories/2006/1135nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25478nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25481nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000