Lucene search

[email protected]CVE-2006-1421

HistoryMar 28, 2006 - 8:02 p.m.

CVE-2006-1421

2006-03-2820:02:00

[email protected]

web.nvd.nist.gov

sql injection

vulnerability

akocomment.php

akocomment 2.0

mambo

security

nvd

8.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.8%

JSON

Multiple SQL injection vulnerabilities in akocomment.php in AkoComment 2.0 module for Mambo, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) acname or (2) contentid parameter.

Affected configurations

NVD

Node

arthur_konze_webdesignakocommentMatch2.0

CPENameOperatorVersion
arthur_konze_webdesign:akocommentarthur konze webdesign akocommenteq2.0

CPE	Name	Operator	Version
arthur_konze_webdesign:akocomment	arthur konze webdesign akocomment	eq	2.0

References

secunia.com/advisories/19392

securityreason.com/securityalert/631

www.osvdb.org/24209

www.securityfocus.com/archive/1/428893/100/0/threaded

www.securityfocus.com/bid/17241

www.vupen.com/english/advisories/2006/1136

exchange.xforce.ibmcloud.com/vulnerabilities/25451

8.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.8%

JSON

Related for CVE-2006-1421

prion2 cvelist2 nvd2 cve1