Lucene search

[email protected]CVE-2006-0835

HistoryFeb 22, 2006 - 2:02 a.m.

CVE-2006-0835

2006-02-2202:02:00

[email protected]

web.nvd.nist.gov

cve-2006-0835

sql injection

mitridat web calendar pro

denial of service

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.7%

JSON

SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar Pro allows remote attackers to modify internal SQL queries and cause a denial of service (inaccessible database) via the tabls parameter.

Affected configurations

NVD

Node

mitridatweb_calendar_pro

CPENameOperatorVersion
mitridat:web_calendar_promitridat web calendar proeq*

CPE	Name	Operator	Version
mitridat:web_calendar_pro	mitridat web calendar pro	eq	*

References

archives.neohapsis.com/archives/fulldisclosure/2006-02/0340.html

secunia.com/advisories/18902

www.securityfocus.com/bid/16789

www.vupen.com/english/advisories/2006/0700

www.xorcrew.net/xpa/XPA-WebCalendarPro.txt

exchange.xforce.ibmcloud.com/vulnerabilities/24729

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.7%

JSON

Related for CVE-2006-0835

nvd1 prion1 cvelist1