Lucene search

[email protected]CVE-2006-3752

HistoryJul 21, 2006 - 2:03 p.m.

CVE-2006-3752

2006-07-2114:03:00

[email protected]

web.nvd.nist.gov

cve-2006-3752

sql injection

class.php

professional home page tools guestbook

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.6%

JSON

Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow remote attackers to execute arbitrary SQL commands via the (1) hidemail, (2) name, (3) mail, (4) ip, or (5) text parameters.

Affected configurations

NVD

Node

professional_home_page_toolsprofessional_home_page_tools_guestbook

CPENameOperatorVersion
professional_home_page_tools:professional_home_page_tools_guestbookprofessional home page tools professional home page tools guestbookeq*

CPE	Name	Operator	Version
professional_home_page_tools:professional_home_page_tools_guestbook	professional home page tools professional home page tools guestbook	eq	*

References

artemis.abenteuer-mittelerde.de/pub/adv02-phptgb.txt

secunia.com/advisories/21102

securityreason.com/securityalert/1248

securitytracker.com/id?1016550

www.securityfocus.com/archive/1/440421/100/0/threaded

www.securityfocus.com/bid/19019

www.vupen.com/english/advisories/2006/2876

exchange.xforce.ibmcloud.com/vulnerabilities/27774

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.6%

JSON

Related for CVE-2006-3752

nvd1 cvelist1