Lucene search

K
cve[email protected]CVE-2006-1421
HistoryMar 28, 2006 - 8:02 p.m.

CVE-2006-1421

2006-03-2820:02:00
web.nvd.nist.gov
16
sql injection
vulnerability
akocomment.php
akocomment 2.0
mambo
security
nvd

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

86.9%

Multiple SQL injection vulnerabilities in akocomment.php in AkoComment 2.0 module for Mambo, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) acname or (2) contentid parameter.

Affected configurations

NVD
Node
arthur_konze_webdesignakocommentMatch2.0

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

86.9%

Related for CVE-2006-1421