Lucene search

[email protected]CVE-2006-1489

HistoryMar 29, 2006 - 8:06 p.m.

CVE-2006-1489

2006-03-2920:06:00

[email protected]

web.nvd.nist.gov

cve-2006-1489

sql injection

fusionzone

couponzone

remote attackers

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.3%

JSON

Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local.cfm in 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) companyid, (2) scat, and (3) coid parameters.

Affected configurations

NVD

Node

fusionzonecouponzoneMatch4.2

CPENameOperatorVersion
fusionzone:couponzonefusionzone couponzoneeq4.2

CPE	Name	Operator	Version
fusionzone:couponzone	fusionzone couponzone	eq	4.2

References

pridels0.blogspot.com/2006/03/couponzone-v42-multiple-vuln.html

www.osvdb.org/24179

www.securityfocus.com/bid/17274

exchange.xforce.ibmcloud.com/vulnerabilities/25576

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.3%

JSON

Related for CVE-2006-1489

prion1 cvelist1 nvd1