Lucene search

MitreCVE-2006-3618

HistoryJul 18, 2006 - 3:47 p.m.

CVE-2006-3618

2006-07-1815:47:00

mitre

web.nvd.nist.gov

cve-2006-3618

sql injection

pbl guestbook

security vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.003

Percentile

67.9%

JSON

SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters.

Affected configurations

Nvd

Node

pixelated_by_levpixelated_by_lev_guestbookRange≤1.32

VendorProductVersionCPE
pixelated_by_levpixelated_by_lev_guestbook*cpe:2.3:a:pixelated_by_lev:pixelated_by_lev_guestbook:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pixelated_by_lev	pixelated_by_lev_guestbook	*	cpe:2.3:a:pixelated_by_lev:pixelated_by_lev_guestbook::::::::

References

www.neosecurityteam.net/index.php?action=advisories&id=23

www.securityfocus.com/archive/1/439486/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/27624

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.003

Percentile

67.9%

JSON

Related for CVE-2006-3618