Unrated severityNVD Advisory· Published Apr 20, 2006· Updated Apr 16, 2026

CVE-2006-1947

Description

Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum X5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pagesize, (2) maxrec, and (3) startpos parameters.

Affected products

Nicplex/Plexum
cpe:2.3:a:nicplex:plexum:*:*:*:*:*:*:*:*
Range: <=x5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/17617nvdExploit
secunia.com/advisories/19720nvdVendor Advisory
pridels0.blogspot.com/2006/04/plexum-x5-sql-vuln.htmlnvd
www.vupen.com/english/advisories/2006/1423nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25918nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000