Unrated severityNVD Advisory· Published Jul 13, 2006· Updated Jun 16, 2026

CVE-2006-3559

Description

Multiple SQL injection vulnerabilities in Arif Supriyanto auraCMS 1.62 allow remote attackers to execute arbitrary SQL commands and delete all shoutbox messages via the (1) name and (2) pesan parameters.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Auracms/Auracms2 versions
cpe:2.3:a:arif_supriyanto:auracms:1.62:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:arif_supriyanto:auracms:1.62:*:*:*:*:*:*:*
- (no CPE)range: = 1.62

Patches

Vulnerability mechanics

References

h1.ripway.com/lintah/adv/txt/01-iFX-2006-AuraCMS-v1.62-XSS-Bug.txtnvdExploit
www.securityfocus.com/bid/18867nvdExploit
securityreason.com/securityalert/1226nvd
www.osvdb.org/28201nvd
www.securityfocus.com/archive/1/439494/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/27705nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000