Lucene search

[email protected]CVE-2006-2202

HistoryMay 04, 2006 - 5:06 p.m.

CVE-2006-2202

2006-05-0417:06:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2202

sql injection

invision gallery

post.php

nvd

9.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.024 Low

EPSS

Percentile

90.0%

JSON

SQL injection vulnerability in post.php in Invision Gallery 2.0.6 allows remote attackers to execute arbitrary SQL commands via the album parameter.

CPENameOperatorVersion
invision_power_services:invision_galleryinvision power services invision galleryeq2.0.6

CPE	Name	Operator	Version
invision_power_services:invision_gallery	invision power services invision gallery	eq	2.0.6

References

secunia.com/advisories/19948

securityreason.com/securityalert/841

securitytracker.com/id?1016019

www.osvdb.org/25231

www.securityfocus.com/archive/1/432731/100/0/threaded

www.securityfocus.com/archive/1/432952/100/0/threaded

www.securityfocus.com/bid/17793

www.vupen.com/english/advisories/2006/1655

exchange.xforce.ibmcloud.com/vulnerabilities/26224

9.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.024 Low

EPSS

Percentile

90.0%

JSON

Related for CVE-2006-2202

prion1 cvelist1