Unrated severityNVD Advisory· Published Jun 6, 2006· Updated Apr 16, 2026

CVE-2006-2835

Description

SQL injection vulnerability in saphplesson 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) forumid parameter in add.php and (2) lessid parameter in show.php.

Affected products

Saphplesson/Saphplesson
cpe:2.3:a:arabless:saphplesson:2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securityreason.com/securityalert/1047nvd
www.securityfocus.com/archive/1/435202/100/0/threadednvd
www.securityfocus.com/archive/1/440120nvd
www.securityfocus.com/archive/1/472798/100/0/threadednvd
www.securityfocus.com/bid/18117nvd
www.securityfocus.com/bid/18934nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26757nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000