Lucene search
MitreCVE-2006-5145HistoryOct 05, 2006 - 4:04 a.m.
CVE-2006-5145
2006-10-0504:04:00
mitre
web.nvd.nist.gov
22
cve-2006-5145
olatedownload
sql injection
remote attackers
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
Low
EPSS
0.005
Percentile
76.5%
Multiple SQL injection vulnerabilities in OlateDownload 3.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter in details.php or the (2) query parameter in search.php.
Affected configurations
Node
olateolatedownloadMatch3.4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| olate | olatedownload | 3.4.0 | cpe:2.3:a:olate:olatedownload:3.4.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2006-5145
2006-10-02 23:00:00
exploitdb
exploitdb
OlateDownload 3.4 - 'details.php?page' SQL Injection
2006-09-29 00:00:00
OlateDownload 3.4 - 'search.php?query' SQL Injection
2006-09-29 00:00:00
nvd
nvd
CVE-2006-5145
2006-10-05 04:04:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
Low
EPSS
0.005
Percentile
76.5%
Related for CVE-2006-5145