CVE-2006-3092

Name: CVE-2006-3092
Creator: NVD / NIST
Published: 2006-06-19T21:02:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.91%

Last modified Jun 16, 2026

CVE-2006-3092 is a vulnerability of currently unknown severity. PhpMyFactures 1.2 and earlier allows remote attackers to bypass authentication and modify data via direct requests with modified parameters to (1) /tva/ajouter_tva.php, (2) /remises/ajouter_remise.php, (3) /pays/ajouter_pays.php, (4) /pays/modifier_pays.php, (5) /produits/ajouter_cat.php, (6) /produits/ajouter_produit.php, (7) /clients/ajouter_client.php, (8) /clients/modifier_client.php. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information.. EPSS estimates a 2.91% chance of exploitation in the next 30 days.

Description

PhpMyFactures 1.2 and earlier allows remote attackers to bypass authentication and modify data via direct requests with modified parameters to (1) /tva/ajouter_tva.php, (2) /remises/ajouter_remise.php, (3) /pays/ajouter_pays.php, (4) /pays/modifier_pays.php, (5) /produits/ajouter_cat.php, (6) /produits/ajouter_produit.php, (7) /clients/ajouter_client.php, (8) /clients/modifier_client.php. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information.

Metrics

EPSS Probability

2.91%

85.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Phpmyfactures	Phpmyfactures	<= 1.2
Phpmyfactures	Phpmyfactures	1.0

References

http://secunia.com/advisories/20642Exploit, Vendor Advisory
http://securityreason.com/securityalert/1111
http://www.acid-root.new.fr/advisories/phpmyfactures.txtExploit, Vendor Advisory
http://www.osvdb.org/26477
http://www.securityfocus.com/archive/1/437025/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/27206
http://secunia.com/advisories/20642Exploit, Vendor Advisory
http://securityreason.com/securityalert/1111
http://www.acid-root.new.fr/advisories/phpmyfactures.txtExploit, Vendor Advisory
http://www.osvdb.org/26477
http://www.securityfocus.com/archive/1/437025/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/27206

Timeline

Published: Jun 19, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-3092?

How severe is CVE-2006-3092?

Severity scoring for CVE-2006-3092 is pending analysis. The EPSS model estimates a 2.91% probability of exploitation in the next 30 days.

How do I fix CVE-2006-3092?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-3092?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST