Unrated severityNVD Advisory· Published May 2, 2006· Updated Apr 16, 2026

CVE-2006-2139

Description

Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to (a) deltables.php, (2) select, (3) header, (4) url, (5) source, or (6) time parameters to (b) manualsubmit.php, (7) num parameter to (c) delete.php, or (8) tablename parameter to (d) searchnews.php.

Affected products

Wilsonncareabusinesses/PHP Newsfeed
cpe:2.3:a:wilsonncareabusinesses:php_newsfeed:2004-07-23:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19904nvdVendor Advisory
evuln.com/vulns/129/summary.htmlnvd
www.osvdb.org/25132nvd
www.osvdb.org/25133nvd
www.osvdb.org/25134nvd
www.osvdb.org/25135nvd
www.securityfocus.com/bid/17757nvd
www.vupen.com/english/advisories/2006/1574nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26205nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000