Lucene search

[email protected]CVE-2006-2826

HistoryJun 05, 2006 - 5:02 p.m.

CVE-2006-2826

2006-06-0517:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

php

base library

phplib

7.4a

sql injection

vulnerability

nvd

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.8%

JSON

SQL injection vulnerability in sessions.inc in PHP Base Library (PHPLib) before 7.4a allows remote attackers to execute arbitrary SQL commands via the id variable, which is set by a client through a query string or a cookie.

CPENameOperatorVersion
phplib_team:phplibphplib team phplibeq7.4_pre2
phplib_team:phplibphplib team phplibeq7.4

CPE	Name	Operator	Version
phplib_team:phplib	phplib team phplib	eq	7.4_pre2
phplib_team:phplib	phplib team phplib	eq	7.4

References

secunia.com/advisories/16902

securitytracker.com/id?1016123

sourceforge.net/project/shownotes.php?group_id=31885&release_id=396091

www.gulftech.org/?node=research&article_id=00107-03052006

www.osvdb.org/23466

www.securityfocus.com/bid/16801

www.vupen.com/english/advisories/2006/0720

exchange.xforce.ibmcloud.com/vulnerabilities/24873

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.8%

JSON

Related for CVE-2006-2826

cvelist1 prion1 exploitpack1 zdt1 exploitdb1