CVE-2006-0973 | Vulnerability Database | Aqua Security

SQL injection vulnerability in topics.php in Appalachian State University phpWebSite 0.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter.

Affected Software

Name	Vendor	Start Version	End Version
Phpwebsite	Phpwebsite	0.7.3 (including)	0.7.3 (including)
Phpwebsite	Phpwebsite	0.8.2 (including)	0.8.2 (including)
Phpwebsite	Phpwebsite	0.8.3 (including)	0.8.3 (including)
Phpwebsite	Phpwebsite	0.9.3 (including)	0.9.3 (including)
Phpwebsite	Phpwebsite	0.9.3.1 (including)	0.9.3.1 (including)
Phpwebsite	Phpwebsite	0.9.3.2 (including)	0.9.3.2 (including)
Phpwebsite	Phpwebsite	0.9.3.3 (including)	0.9.3.3 (including)
Phpwebsite	Phpwebsite	0.9.3.4 (including)	0.9.3.4 (including)
Phpwebsite	Phpwebsite	0.10 (including)	0.10 (including)
Phpwebsite	Phpwebsite	0.10.1 (including)	0.10.1 (including)
Phpwebsite	Phpwebsite	0.10.2 (including)	0.10.2 (including)

References

http://www.securityfocus.com/archive/1/430870/100/0/threaded
http://www.securityfocus.com/archive/1/435009/100/0/threaded
http://www.securityfocus.com/bid/16825
http://www.securityfocus.com/data/vulnerabilities/exploits/phpWebSite-topic-sql-inj.pl
https://exchange.xforce.ibmcloud.com/vulnerabilities/25799
https://www.exploit-db.com/exploits/1525

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-0973
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html