Lucene search

[email protected]CVE-2006-0693

HistoryFeb 15, 2006 - 11:06 a.m.

CVE-2006-0693

2006-02-1511:06:00

[email protected]

web.nvd.nist.gov

sql injection

rb_auth.php

roberto butti calimba 0.99.2 beta

nvd

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.6%

JSON

Multiple SQL injection vulnerabilities in rb_auth.php in Roberto Butti CALimba 0.99.2 beta and earlier allow remote attackers to execute arbitrary SQL commands and bypass login authentication via the (1) login and (2) password parameters.

Affected configurations

NVD

Node

roberto_butticalimbaMatch0.99.1

roberto_butticalimbaMatch0.99.2_beta

CPENameOperatorVersion
roberto_butti:calimbaroberto butti calimbaeq0.99.1
roberto_butti:calimbaroberto butti calimbaeq0.99.2_beta

CPE	Name	Operator	Version
roberto_butti:calimba	roberto butti calimba	eq	0.99.1
roberto_butti:calimba	roberto butti calimba	eq	0.99.2_beta

References

secunia.com/advisories/18856

securityreason.com/securityalert/453

www.evuln.com/vulns/68/summary.html

www.securityfocus.com/archive/1/425364/100/0/threaded

www.securityfocus.com/bid/16632

www.vupen.com/english/advisories/2006/0523

exchange.xforce.ibmcloud.com/vulnerabilities/24578

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.6%

JSON

Related for CVE-2006-0693

cvelist1 nvd1 prion1 securityvulns1