Lucene search

K
cve[email protected]CVE-2006-0563
HistoryFeb 06, 2006 - 11:02 p.m.

CVE-2006-0563

2006-02-0623:02:00
NVD-CWE-Other
web.nvd.nist.gov
24
cve-2006-0563
sql injection
exec.php
pluggedout blog 1.9.9c
remote attackers
arbitrary sql commands
entryid parameter
nvd

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

83.8%

SQL injection vulnerability in exec.php in PluggedOut Blog 1.9.9c allows remote attackers to execute arbitrary SQL commands via the entryid parameter in a comment_add action.

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

83.8%

Related for CVE-2006-0563