Lucene search

[email protected]CVE-2006-2508

HistoryMay 22, 2006 - 7:02 p.m.

CVE-2006-2508

2006-05-2219:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

tr1.php

stylish text ads script

remote attackers

arbitrary sql commands

cve-2006-2508

8.8 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.022 Low

EPSS

Percentile

89.3%

JSON

SQL injection vulnerability in tr1.php in YourFreeWorld.com Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly involving an attack vector using advertise.php.

CPENameOperatorVersion
yourfreeworld:stylish_text_ads_scriptyourfreeworld stylish text ads scripteq*

CPE	Name	Operator	Version
yourfreeworld:stylish_text_ads_script	yourfreeworld stylish text ads script	eq	*

References

secunia.com/advisories/20213

securityreason.com/securityalert/931

www.osvdb.org/25691

www.osvdb.org/25692

www.securityfocus.com/archive/1/434527/100/0/threaded

www.securityfocus.com/bid/18044

www.vupen.com/english/advisories/2006/1897

exchange.xforce.ibmcloud.com/vulnerabilities/26569

exchange.xforce.ibmcloud.com/vulnerabilities/26570

8.8 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.022 Low

EPSS

Percentile

89.3%

JSON

Related for CVE-2006-2508

prion1 cve1