Unrated severityNVD Advisory· Published Jun 27, 2006· Updated Apr 16, 2026

CVE-2006-3236

Description

Multiple SQL injection vulnerabilities in thinkWMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) index.php or (b) printarticle.php, and the (2) catid parameter in index.php.

Affected products

Thinkfactory/Thinkwms
cpe:2.3:a:thinkfactory:thinkwms:*:*:*:*:*:*:*:*
Range: <=1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/20747nvdVendor Advisory
pridels0.blogspot.com/2006/06/thinkwms-sql-injection-vuln.htmlnvd
securitytracker.com/idnvd
www.osvdb.org/26742nvd
www.osvdb.org/26743nvd
www.securityfocus.com/bid/18567nvd
www.vupen.com/english/advisories/2006/2470nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27270nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000