Lucene search

K
cve[email protected]CVE-2006-4592
HistorySep 06, 2006 - 10:04 p.m.

CVE-2006-4592

2006-09-0622:04:00
NVD-CWE-Other
web.nvd.nist.gov
22
cve-2006-4592
sql injection
8pixel.net simple blog
vulnerability
remote attackers

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

71.4%

Incomplete blacklist vulnerability in default.asp in 8pixel.net Simple Blog 2.3 and earlier allows remote attackers to conduct SQL injection attacks via “>” characters in the id parameter, which are not filtered by the protection mechanism.

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

71.4%