Lucene search

[email protected]CVE-2006-2981

HistoryJun 12, 2006 - 11:02 p.m.

CVE-2006-2981

2006-06-1223:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2981

sql injection

vs_search.php

arantius vice stats

security vulnerability

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

55.3%

JSON

SQL injection vulnerability in vs_search.php in Arantius Vice Stats before 1.0.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2006-2972.

CPENameOperatorVersion
arantius:vice_statsarantius vice statseq1.0
arantius:vice_statsarantius vice statseq0.4_beta
arantius:vice_statsarantius vice statseq0.4.1_beta
arantius:vice_statsarantius vice statseq0.2_beta
arantius:vice_statsarantius vice statseq0.5_beta
arantius:vice_statsarantius vice statseq0.3_beta

CPE	Name	Operator	Version
arantius:vice_stats	arantius vice stats	eq	1.0
arantius:vice_stats	arantius vice stats	eq	0.4_beta
arantius:vice_stats	arantius vice stats	eq	0.4.1_beta
arantius:vice_stats	arantius vice stats	eq	0.2_beta
arantius:vice_stats	arantius vice stats	eq	0.5_beta
arantius:vice_stats	arantius vice stats	eq	0.3_beta

References

www.arantius.com/topic/vice+stats

www.attrition.org/pipermail/vim/2006-June/000848.html

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

55.3%

JSON

Related for CVE-2006-2981

cve1 prion1