Lucene search

[email protected]CVE-2006-1265

HistoryMar 19, 2006 - 2:02 a.m.

CVE-2006-1265

2006-03-1902:02:00

[email protected]

web.nvd.nist.gov

cve

2006

1265

sql injection

vulnerability

xhawk.net

discussion 2.0 beta2

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.3%

JSON

SQL injection vulnerability in discussion.class.php in xhawk.net discussion 2.0 beta2 allows remote attackers to execute arbitrary SQL commands via the view parameter.

Affected configurations

NVD

Node

xhawk.netdiscussionMatch2.0_beta2

CPENameOperatorVersion
xhawk.net:discussionxhawk.net discussioneq2.0_beta2

CPE	Name	Operator	Version
xhawk.net:discussion	xhawk.net discussion	eq	2.0_beta2

References

evuln.com/vulns/92/summary.html

www.osvdb.org/23971

www.securityfocus.com/archive/1/427729/100/0/threaded

www.securityfocus.com/bid/17121

exchange.xforce.ibmcloud.com/vulnerabilities/25237

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.3%

JSON

Related for CVE-2006-1265

nvd1 cvelist1 prion1