Lucene search

[email protected]CVE-2006-1817

HistoryApr 18, 2006 - 10:02 a.m.

CVE-2006-1817

2006-04-1810:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-1817

sql injection

authcheck.php

warforge.news 1.0

security vulnerability

nvd

8.8 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.022 Low

EPSS

Percentile

89.2%

JSON

SQL injection vulnerability in authcheck.php in warforge.NEWS 1.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) authusername and possibly the (2) authpassword cookie.

CPENameOperatorVersion
the_war_forge:warforge.newsthe war forge warforge.newseq1.0

CPE	Name	Operator	Version
the_war_forge:warforge.news	the war forge warforge.news	eq	1.0

References

evuln.com/vulns/125/summary.html

www.securityfocus.com/archive/1/432104/100/0/threaded

www.securityfocus.com/bid/17520

www.securityfocus.com/bid/17705

www.vupen.com/english/advisories/2006/1359

exchange.xforce.ibmcloud.com/vulnerabilities/25900

8.8 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.022 Low

EPSS

Percentile

89.2%

JSON

Related for CVE-2006-1817

prion1 securityvulns1