CVE-2006-2688

CVE Database · CVE-2006-2688

CVE-2006-2688

· N/AModified

CVSS v3.1

N/A

EPSS

1.29%

Published

May 31, 2006

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

SQL injection vulnerability in the employees node (class.employee.inc) in Achievo 1.1.0 and earlier and 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the atkselector parameter.

Affected Products (2)

achievo · achievovulnerable

References (14)

http://bugzilla.achievo.org/show_bug.cgi?id=624

http://secunia.com/advisories/20327

PatchVendor Advisory

http://www.achievo.org/download/releasenotes/1_2_1

Patch

http://www.osvdb.org/25811

http://www.securityfocus.com/bid/18171

http://www.vupen.com/english/advisories/2006/2053

https://exchange.xforce.ibmcloud.com/vulnerabilities/26755

http://bugzilla.achievo.org/show_bug.cgi?id=624

http://secunia.com/advisories/20327

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs