Lucene search

[email protected]CVE-2006-1710

HistoryApr 11, 2006 - 6:06 p.m.

CVE-2006-1710

2006-04-1118:06:00

[email protected]

web.nvd.nist.gov

sql injection

admin.php

design nation dnguestbook 2.0

remote execution

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8.4 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.4%

JSON

SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters.

Affected configurations

NVD

Node

design_nationdnguestbookMatch2.0

CPENameOperatorVersion
design_nation:dnguestbookdesign nation dnguestbookeq2.0

CPE	Name	Operator	Version
design_nation:dnguestbook	design nation dnguestbook	eq	2.0

References

secunia.com/advisories/19601

www.securityfocus.com/bid/17435

www.vupen.com/english/advisories/2006/1299

exchange.xforce.ibmcloud.com/vulnerabilities/25699

www.exploit-db.com/exploits/1653

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8.4 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.4%

JSON

Related for CVE-2006-1710

nvd1 prion1 cvelist1