Unrated severityNVD Advisory· Published Apr 19, 2006· Updated Jun 16, 2026

CVE-2006-1828

Description

SQL injection vulnerability in php121language.php in PHP121 1.4 allows remote attackers to execute arbitrary SQL commands and execute arbitrary code via the sess_username variable, as set by the php121un HTTP COOKIE parameter, which is used in multiple files including php121login.php. NOTE: the code execution occurs because the SQL query results are used in an include statement.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Patches

Vulnerability mechanics

References

secunia.com/advisories/19643nvdVendor Advisory
retrogod.altervista.org/php121im_14_sql_xpl.htmlnvd
securitytracker.com/idnvd
www.securityfocus.com/bid/17509nvd
www.vupen.com/english/advisories/2006/1349nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25785nvd
www.exploit-db.com/exploits/1666nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000