Lucene search

[email protected]CVE-2006-5589

HistoryOct 27, 2006 - 6:07 p.m.

CVE-2006-5589

2006-10-2718:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2006

5589

sql injection

ledgersmb

remote attackers

nvd

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%

JSON

Multiple SQL injection vulnerabilities in LedgerSMB (LSMB) 1.1.0 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors in (1) OE.pm, (2) AM.pm, and (3) Form.pm.

CPENameOperatorVersion
ledgersmb:ledgersmbledgersmbeq1.0.0
ledgersmb:ledgersmbledgersmble1.1.0

CPE	Name	Operator	Version
ledgersmb:ledgersmb	ledgersmb	eq	1.0.0
ledgersmb:ledgersmb	ledgersmb	le	1.1.0

References

secunia.com/advisories/22483

sourceforge.net/project/shownotes.php?release_id=456803

www.securityfocus.com/archive/1/464789/100/200/threaded

www.securityfocus.com/bid/20749

www.vupen.com/english/advisories/2006/4209

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%

JSON

Related for CVE-2006-5589

securityvulns2