CVE-2006-4748

N/A Unknown
Published: September 13, 2006 Modified: April 16, 2026

Description

Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) xagent, (2) xpath, (3) xreferer, and (4) xdns parameters in (a) admin/plugins/NP_Log.php, and the (5) pitem parameter in (b) admin/plugins/NP_Poll.php; and allow remote authenticated users to execute arbitrary SQL commands via the (6) pageRef parameter in (c) admin/plugins/NP_Referrer.php.

References to Advisories, Solutions, and Tools

http://www.osvdb.org/28604
Source: cve@mitre.org
http://www.osvdb.org/28605
Source: cve@mitre.org
http://www.osvdb.org/28606
Source: cve@mitre.org
http://blogcms.com/wiki/changelog
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/21808
Source: af854a3a-2127-422b-91ae-364da2661108
http://securityreason.com/securityalert/1566
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.hackers.ir/advisories/blogcms.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/28604
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/28605
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/28606
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/445538/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/19909
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2006/3521
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/28808
Source: af854a3a-2127-422b-91ae-364da2661108

22 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
1.6%
82nd percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

f-art_agency