Lucene search

K
cve[email protected]CVE-2006-2040
HistoryApr 26, 2006 - 6:06 p.m.

CVE-2006-2040

2006-04-2618:06:00
NVD-CWE-Other
web.nvd.nist.gov
16
cve-2006-2040
sql injection
photokorn
index.php
postcard.php
print.php
nvd
security vulnerability

9.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.007 Low

EPSS

Percentile

79.8%

Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 allow remote attackers to execute arbitrary SQL commands via the (1) cat, (2) pic and (3) page parameter in index.php; (4) id parameter in postcard.php; and (5) cat parameter in print.php.

9.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.007 Low

EPSS

Percentile

79.8%

Related for CVE-2006-2040