{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3752", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow remote attackers to execute arbitrary SQL commands via the (1) hidemail, (2) name, (3) mail, (4) ip, or (5) text parameters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://artemis.abenteuer-mittelerde.de/pub/adv02-phptgb.txt", "refsource": "MISC", "url": "http://artemis.abenteuer-mittelerde.de/pub/adv02-phptgb.txt" }, { "name": "1248", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1248" }, { "name": "20060717 Professional PHP Tools Guestbook Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/440421/100/0/threaded" }, { "name": "phptguestbook-class-sql-injection(27774)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27774" }, { "name": "21102", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21102" }, { "name": "19019", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19019" }, { "name": "ADV-2006-2876", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2876" }, { "name": "1016550", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016550" } ] } }