Lucene search

K
cveMitreCVE-2006-1616
HistoryApr 05, 2006 - 10:04 a.m.

CVE-2006-1616

2006-04-0510:04:00
mitre
web.nvd.nist.gov
26
cve-2006-1616
sql injection
advanced poll 2.02
remote attackers
arbitrary sql commands

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.002

Percentile

51.9%

Multiple SQL injection vulnerabilities in Advanced Poll 2.02 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to comments.php or (2) poll_id parameter to page.php.

Affected configurations

Nvd
Node
advanced_polladvanced_pollMatch2.0.2
VendorProductVersionCPE
advanced_polladvanced_poll2.0.2cpe:2.3:a:advanced_poll:advanced_poll:2.0.2:*:*:*:*:*:*:*

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.002

Percentile

51.9%

Related for CVE-2006-1616