Lucene search

K
cve[email protected]CVE-2006-2486
HistoryMay 19, 2006 - 11:02 p.m.

CVE-2006-2486

2006-05-1923:02:00
web.nvd.nist.gov
25
cve-2006-2486
sql injection
find.php
yapbb 1.2 beta2
nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

8.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.4%

SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the userID parameter.

Affected configurations

NVD
Node
yapbbyapbbMatch1.1
OR
yapbbyapbbMatch1.2
OR
yapbbyapbbMatch1.2_beta2

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

8.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.4%

Related for CVE-2006-2486