Lucene search

[email protected]CVE-2006-1743

HistoryApr 12, 2006 - 10:02 p.m.

CVE-2006-1743

2006-04-1222:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

sql injection

jbook 1.4

form.php

9.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.9%

JSON

Multiple SQL injection vulnerabilities in form.php in JBook 1.4 allow remote attackers to execute arbitrary SQL commands via the (1) nom or (2) mail parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CPENameOperatorVersion
jbook:jbookjbookeq1.4

CPE	Name	Operator	Version
jbook:jbook	jbook	eq	1.4

References

secunia.com/advisories/19613

www.securityfocus.com/bid/17458

www.vupen.com/english/advisories/2006/1315

exchange.xforce.ibmcloud.com/vulnerabilities/25735

9.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.9%

JSON

Related for CVE-2006-1743

prion1