{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T12:32:35.060","vulnerabilities":[{"cve":{"id":"CVE-2006-2065","sourceIdentifier":"cve@mitre.org","published":"2006-04-27T13:34:00.000","lastModified":"2026-04-16T00:27:16.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in save.php in PHPSurveyor 0.995 and earlier allows remote attackers to execute arbitrary SQL commands via the surveyid cookie.  NOTE: this issue could be leveraged to execute arbitrary PHP code, as demonstrated by inserting directory traversal sequences into the database, which are then processed by the thissurvey['language'] variable."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en save.php en PHPSurveyor 0.995 y versiones anteriores permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de la cookie surveyid. NOTA: este caso podría ser aprovechado para ejecutar código PHP arbitrario, como se demuestra mediante la inserción secuencias de salto de directorio dentro de la base de dato, que luego son procesado por la variable thissurvey['language']."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpsurveyor:phpsurveyor:0.96_beta:*:*:*:*:*:*:*","matchCriteriaId":"1F82FE01-FC91-4259-A53D-4D03FCB0DCCA"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpsurveyor:phpsurveyor:0.97_beta:*:*:*:*:*:*:*","matchCriteriaId":"086A5B9A-B3A2-42FC-B76C-D61225217762"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpsurveyor:phpsurveyor:0.98_beta:*:*:*:*:*:*:*","matchCriteriaId":"7DAD67BC-BA23-4692-B333-D5F412DB7B88"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpsurveyor:phpsurveyor:0.98_stable:*:*:*:*:*:*:*","matchCriteriaId":"F9467C7F-8283-4717-AA0F-AB1E745C5CA4"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpsurveyor:phpsurveyor:0.99:*:*:*:*:*:*:*","matchCriteriaId":"1BA0CC28-1114-4CFC-B445-2FDF5D972AD3"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpsurveyor:phpsurveyor:0.991:*:*:*:*:*:*:*","matchCriteriaId":"1CCB1FA7-3DA0-42C1-B426-B07A15C86F0A"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpsurveyor:phpsurveyor:0.992:*:*:*:*:*:*:*","matchCriteriaId":"BDAC784E-B1D7-486E-940C-09BC34855BBF"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpsurveyor:phpsurveyor:0.993:*:*:*:*:*:*:*","matchCriteriaId":"B6D7CDFC-5911-431E-ABD9-E864A71F8146"},{"vulnerable":true,"criteria":"cpe:2.3:a:phpsurveyor:phpsurveyor:0.995:*:*:*:*:*:*:*","matchCriteriaId":"8A0EF001-46CB-4D68-B451-5206E8F6DD3C"}]}]}],"references":[{"url":"http://retrogod.altervista.org/phpsurveyor_0995_xpl.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://secunia.com/advisories/19761","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://securitytracker.com/id?1015970","source":"cve@mitre.org"},{"url":"http://www.osvdb.org/24787","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/431508/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/17633","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2006/1451","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25970","source":"cve@mitre.org"},{"url":"http://retrogod.altervista.org/phpsurveyor_0995_xpl.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://secunia.com/advisories/19761","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://securitytracker.com/id?1015970","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.osvdb.org/24787","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/431508/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/17633","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2006/1451","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25970","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}