Lucene search

[email protected]CVE-2006-4632

HistorySep 08, 2006 - 8:04 p.m.

CVE-2006-4632

2006-09-0820:04:00

[email protected]

web.nvd.nist.gov

cve

sql injection

softbb

nvd

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.8%

JSON

Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php.

Affected configurations

NVD

Node

softbbsoftbbRange≤0.1

CPENameOperatorVersion
softbb:softbbsoftbble0.1

CPE	Name	Operator	Version
softbb:softbb	softbb	le	0.1

References

acid-root.new.fr/advisories/10060904.txt

secunia.com/advisories/21761

securityreason.com/securityalert/1521

securitytracker.com/id?1016785

www.osvdb.org/28577

www.osvdb.org/28578

www.securityfocus.com/archive/1/445087/100/0/threaded

www.vupen.com/english/advisories/2006/3478

exchange.xforce.ibmcloud.com/vulnerabilities/28747

www.exploit-db.com/exploits/2300

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.8%

JSON

Related for CVE-2006-4632

nvd1 cvelist1