Unrated severityNVD Advisory· Published Apr 26, 2006· Updated Apr 16, 2026

CVE-2006-2034

Description

SQL injection vulnerability in function/showprofile.php in FlexBB 0.5.5 allows remote attackers to execute arbitrary SQL commands, and view all usernames and passwords, via the id parameter to the showprofile page in index.php.

Affected products

Flexbb/Flexbb
cpe:2.3:a:flexbb:flexbb:0.5.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.osvdb.org/24867nvd
www.securityfocus.com/archive/1/431793/100/0/threadednvd
www.securityfocus.com/bid/17574nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000