Lucene search

[email protected]CVE-2006-1051

HistoryMar 07, 2006 - 9:06 p.m.

CVE-2006-1051

2006-03-0721:06:00

[email protected]

web.nvd.nist.gov

cve-2006-1051

sql injection

akarru social bookmarking engine

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.5%

JSON

SQL injection vulnerability in Akarru Social BookMarking Engine before 0.4.3.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors, possibly involving the username parameter to akarru.lib/users.php.

Affected configurations

NVD

Node

akarrusocial_bookmarking_engineMatch0.4.3.2

akarrusocial_bookmarking_engineMatch0.4.3.3

CPENameOperatorVersion
akarru:social_bookmarking_engineakarru social bookmarking engineeq0.4.3.2
akarru:social_bookmarking_engineakarru social bookmarking engineeq0.4.3.3

CPE	Name	Operator	Version
akarru:social_bookmarking_engine	akarru social bookmarking engine	eq	0.4.3.2
akarru:social_bookmarking_engine	akarru social bookmarking engine	eq	0.4.3.3

References

secunia.com/advisories/19112

sourceforge.net/project/shownotes.php?release_id=398713&group_id=155783

www.securityfocus.com/bid/16989

www.vupen.com/english/advisories/2006/0841

exchange.xforce.ibmcloud.com/vulnerabilities/25115

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.5%

JSON

Related for CVE-2006-1051

nvd1 cvelist1 prion1