Unrated severityNVD Advisory· Published Sep 23, 2006· Updated Apr 16, 2026

CVE-2006-4957

Description

SQL injection vulnerability in the GetMember function in functions.php in MyReview 1.9.4 allows remote attackers to execute arbitrary SQL commands via the email parameter to Admin.php.

Affected products

The Myreview System/Myreview
cpe:2.3:a:the_myreview_system:myreview:1.9.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/20105nvdExploit
secunia.com/advisories/21991nvdVendor Advisory
www.vupen.com/english/advisories/2006/3716nvd
exchange.xforce.ibmcloud.com/vulnerabilities/29029nvd
www.exploit-db.com/exploits/2397nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000