Lucene search

K
cve[email protected]CVE-2006-0851
HistoryFeb 23, 2006 - 2:06 a.m.

CVE-2006-0851

2006-02-2302:06:00
web.nvd.nist.gov
34
cve-2006-0851
sql injection
ilchclan
forum module
remote attackers
arbitrary commands

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.6%

SQL injection vulnerability in the forum module of ilchClan 1.05g and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, when creating a newpost.

Affected configurations

NVD
Node
ilch.deilchclanMatch0.0.1
OR
ilch.deilchclanMatch1.0.0
OR
ilch.deilchclanMatch1.0.1
OR
ilch.deilchclanMatch1.0.2
OR
ilch.deilchclanMatch1.0.3
OR
ilch.deilchclanMatch1.0.4

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.6%

Related for CVE-2006-0851