Lucene search

[email protected]CVE-2006-5606

HistoryOct 31, 2006 - 7:07 p.m.

CVE-2006-5606

2006-10-3119:07:00

CWE-89

[email protected]

web.nvd.nist.gov

cve

sql injection

bytesfall explorer

bfexplorer

nvd

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

82.0%

JSON

Multiple SQL injection vulnerabilities in BytesFall Explorer (bfExplorer) 0.0.7.1 and earlier allow remote attackers to execute arbitrary SQL commands via the username ($User variable) to login/doLogin.php and other unspecified vectors.

CPENameOperatorVersion
bytesfall_explorer:bytesfall_explorerbytesfall explorerle0.0.7.1

CPE	Name	Operator	Version
bytesfall_explorer:bytesfall_explorer	bytesfall explorer	le	0.0.7.1

References

sourceforge.net/forum/forum.php?forum_id=627671

sourceforge.net/project/shownotes.php?release_id=458642&group_id=174110

www.redteam-pentesting.de/advisories/rt-sa-2006-007.php?lang=en

www.securityfocus.com/archive/1/450166/100/100/threaded

www.securityfocus.com/bid/20800

www.vupen.com/english/advisories/2006/4255

exchange.xforce.ibmcloud.com/vulnerabilities/29942

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

82.0%

JSON

Related for CVE-2006-5606

cve1