Lucene search

[email protected]CVE-2006-2244

HistoryMay 09, 2006 - 10:02 a.m.

CVE-2006-2244

2006-05-0910:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

sql injection

web4future news portal

security vulnerability

nvd

9.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.2%

JSON

Multiple SQL injection vulnerabilities in Web4Future News Portal allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) comentarii.php or (2) view.php.

CPENameOperatorVersion
web4future:news_portalweb4future news portaleq*

CPE	Name	Operator	Version
web4future:news_portal	web4future news portal	eq	*

References

secunia.com/advisories/17880

securitytracker.com/id?1016027

www.osvdb.org/25285

www.osvdb.org/25286

exchange.xforce.ibmcloud.com/vulnerabilities/26260

9.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.2%

JSON

Related for CVE-2006-2244

prion1