VYPR
Unrated severityNVD Advisory· Published Apr 6, 2006· Updated Jun 16, 2026

CVE-2006-1641

CVE-2006-1641

Description

Multiple SQL injection vulnerabilities in CzarNews 1.14 allow remote attackers to execute arbitrary SQL commands via the (1) usern or (2) passw parameters to (a) cn_auth.php, (3) s parameter to (b) news.php, or (4) a parameter to (c) dpost.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:czaries_network:czarnews:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:czaries_network:czarnews:*:*:*:*:*:*:*:*range: <=1.14
    • cpe:2.3:a:czaries_network:czarnews:1.13b:*:*:*:*:*:*:*
    • (no CPE)range: = 1.14

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.