Lucene search

[email protected]CVE-2006-3341

HistoryJul 03, 2006 - 6:05 p.m.

CVE-2006-3341

2006-07-0318:05:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sql injection

annonces-p-f.php

myads module

xoops

vulnerability

remote execution

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.6%

JSON

SQL injection vulnerability in annonces-p-f.php in MyAds module 2.04jp for Xoops allows remote attackers to execute arbitrary SQL commands via the lid parameter.

CPENameOperatorVersion
myads:myadsmyadseq2.04jp

CPE	Name	Operator	Version
myads:myads	myads	eq	2.04jp

References

secunia.com/advisories/20882

www.securityfocus.com/bid/18718

www.vupen.com/english/advisories/2006/2591

exchange.xforce.ibmcloud.com/vulnerabilities/27455

www.exploit-db.com/exploits/1961

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.6%

JSON

Related for CVE-2006-3341

prion1 cve1