Lucene search

MitreCVE-2006-3932

HistoryJul 31, 2006 - 9:04 p.m.

CVE-2006-3932

2006-07-3121:04:00

mitre

web.nvd.nist.gov

cve-2006-3932

sql injection

links.php

gonafish linkscaffe 3.0

remote attackers

arbitrary commands

cat parameter

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

8.5

Confidence

Low

EPSS

0.003

Percentile

70.8%

JSON

SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Affected configurations

Nvd

Node

gonafishlinkscaffeMatch3.0

VendorProductVersionCPE
gonafishlinkscaffe3.0cpe:2.3:a:gonafish:linkscaffe:3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gonafish	linkscaffe	3.0	cpe:2.3:a:gonafish:linkscaffe:3.0:::::::*

References

secunia.com/advisories/21212

www.vupen.com/english/advisories/2006/2983

exchange.xforce.ibmcloud.com/vulnerabilities/27961

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

8.5

Confidence

Low

EPSS

0.003

Percentile

70.8%

JSON

Related for CVE-2006-3932