Lucene search

[email protected]CVE-2006-4300

HistoryAug 23, 2006 - 1:04 a.m.

CVE-2006-4300

2006-08-2301:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2006

4300

sql injection

vulnerability

comments.asp

simpleblog

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.9%

JSON

SQL injection vulnerability in comments.asp in SimpleBlog 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

CPENameOperatorVersion
8pixel.net:simple_blog8pixel.net simple blogle2.0

CPE	Name	Operator	Version
8pixel.net:simple_blog	8pixel.net simple blog	le	2.0

References

secunia.com/advisories/18488/

securityreason.com/securityalert/1440

www.securityfocus.com/archive/1/443923/100/0/threaded

www.securityfocus.com/bid/19609/info

exchange.xforce.ibmcloud.com/vulnerabilities/28470

www.exploit-db.com/exploits/2228

www.exploit-db.com/exploits/2232

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.9%

JSON

Related for CVE-2006-4300

prion1 cve1