Lucene search

[email protected]CVE-2006-4463

HistoryAug 31, 2006 - 8:04 p.m.

CVE-2006-4463

2006-08-3120:04:00

[email protected]

web.nvd.nist.gov

cve-2006-4463

sql injection

jetstat.com

js asp faq manager

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.8%

JSON

SQL injection vulnerability in the administrator control panel in Jetstat.com JS ASP Faq Manager 1.10 allows remote attackers to execute arbitrary SQL commands via the pwd parameter (aka the Password field).

Affected configurations

NVD

Node

jetstat.comjs_asp_faq_managerMatch1.10

CPENameOperatorVersion
jetstat.com:js_asp_faq_managerjetstat.com js asp faq managereq1.10

CPE	Name	Operator	Version
jetstat.com:js_asp_faq_manager	jetstat.com js asp faq manager	eq	1.10

References

secunia.com/advisories/21674

securityreason.com/securityalert/1483

www.osvdb.org/28266

www.securityfocus.com/archive/1/444652/100/0/threaded

www.securityfocus.com/bid/19761

www.vupen.com/english/advisories/2006/3415

exchange.xforce.ibmcloud.com/vulnerabilities/28638

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.8%

JSON

Related for CVE-2006-4463

nvd2 cvelist2 cve1