Lucene search

[email protected]CVE-2006-1585

HistoryApr 02, 2006 - 9:04 p.m.

CVE-2006-1585

2006-04-0221:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2006

1585

sql injection

monalbum

index.php

image_agrandir.php

9.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.005 Low

EPSS

Percentile

75.8%

JSON

Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote attackers to execute arbitrary SQL commands via (1) the pc parameter in (a) index.php and (2) pnom, (3) pcourriel, and (4) pcommentaire parameters in (b) image_agrandir.php.

CPENameOperatorVersion
3dsrc:monalbum3dsrc monalbumeq0.8.7

CPE	Name	Operator	Version
3dsrc:monalbum	3dsrc monalbum	eq	0.8.7

References

secunia.com/advisories/19503

securityreason.com/securityalert/660

www.bash-x.net/undef/adv/monalbum.html

www.securityfocus.com/archive/1/429475/100/0/threaded

www.securityfocus.com/bid/17327

www.vupen.com/english/advisories/2006/1206

exchange.xforce.ibmcloud.com/vulnerabilities/25572

9.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.005 Low

EPSS

Percentile

75.8%

JSON

Related for CVE-2006-1585

prion1