Lucene search

[email protected]CVE-2006-1001

HistoryMar 06, 2006 - 8:06 p.m.

CVE-2006-1001

2006-03-0620:06:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-1001

sql injection

lansuite

lanparty

intranet system

fid parameter

9.3 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.027 Low

EPSS

Percentile

90.4%

JSON

SQL injection vulnerability in the board module in LanSuite LanParty Intranet System 2.0.6 and 2.1.0 beta allows remote attackers to execute arbitrary SQL commands via the fid parameter.

CPENameOperatorVersion
lansuite:lanparty_intranet_systemlansuite lanparty intranet systemeq2.1
lansuite:lanparty_intranet_systemlansuite lanparty intranet systemeq2.0.6

CPE	Name	Operator	Version
lansuite:lanparty_intranet_system	lansuite lanparty intranet system	eq	2.1
lansuite:lanparty_intranet_system	lansuite lanparty intranet system	eq	2.0.6

References

secunia.com/advisories/19048

www.osvdb.org/23533

www.securityfocus.com/bid/16836

www.vupen.com/english/advisories/2006/0747

exchange.xforce.ibmcloud.com/vulnerabilities/24940

www.exploit-db.com/exploits/1526

9.3 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.027 Low

EPSS

Percentile

90.4%

JSON

Related for CVE-2006-1001

prion1