Lucene search
MitreCVE-2006-5635HistoryNov 01, 2006 - 12:07 a.m.
CVE-2006-5635
2006-11-0100:07:00
mitre
web.nvd.nist.gov
28
sql injection
vulnerability
forum
search
web wiz forums
remote attackers
sql commands
kw parameter
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.002
Percentile
55.6%
SQL injection vulnerability in forum/search.asp in Web Wiz Forums allows remote attackers to execute arbitrary SQL commands via the KW parameter.
Affected configurations
Node
web_wiz_forumsweb_wiz_forumsMatch6.34
ORweb_wiz_forumsweb_wiz_forumsMatch7.0
ORweb_wiz_forumsweb_wiz_forumsMatch7.0.1
ORweb_wiz_forumsweb_wiz_forumsMatch7.0_beta1
ORweb_wiz_forumsweb_wiz_forumsMatch7.5
ORweb_wiz_forumsweb_wiz_forumsMatch7.7a
ORweb_wiz_forumsweb_wiz_forumsMatch7.7b
ORweb_wiz_forumsweb_wiz_forumsMatch7.8
ORweb_wiz_forumsweb_wiz_forumsMatch7.9
ORweb_wiz_forumsweb_wiz_forumsMatch7.51
ORweb_wiz_forumsweb_wiz_forumsMatch7.91
ORweb_wiz_forumsweb_wiz_forumsMatch8.0_alpha
ORweb_wiz_forumsweb_wiz_forumsMatch8.04
| Vendor | Product | Version | CPE |
|---|---|---|---|
| web_wiz_forums | web_wiz_forums | 6.34 | cpe:2.3:a:web_wiz_forums:web_wiz_forums:6.34:*:*:*:*:*:*:* |
| web_wiz_forums | web_wiz_forums | 7.0 | cpe:2.3:a:web_wiz_forums:web_wiz_forums:7.0:*:*:*:*:*:*:* |
| web_wiz_forums | web_wiz_forums | 7.0.1 | cpe:2.3:a:web_wiz_forums:web_wiz_forums:7.0.1:*:*:*:*:*:*:* |
| web_wiz_forums | web_wiz_forums | 7.0_beta1 | cpe:2.3:a:web_wiz_forums:web_wiz_forums:7.0_beta1:*:*:*:*:*:*:* |
| web_wiz_forums | web_wiz_forums | 7.5 | cpe:2.3:a:web_wiz_forums:web_wiz_forums:7.5:*:*:*:*:*:*:* |
| web_wiz_forums | web_wiz_forums | 7.7a | cpe:2.3:a:web_wiz_forums:web_wiz_forums:7.7a:*:*:*:*:*:*:* |
| web_wiz_forums | web_wiz_forums | 7.7b | cpe:2.3:a:web_wiz_forums:web_wiz_forums:7.7b:*:*:*:*:*:*:* |
| web_wiz_forums | web_wiz_forums | 7.8 | cpe:2.3:a:web_wiz_forums:web_wiz_forums:7.8:*:*:*:*:*:*:* |
| web_wiz_forums | web_wiz_forums | 7.9 | cpe:2.3:a:web_wiz_forums:web_wiz_forums:7.9:*:*:*:*:*:*:* |
| web_wiz_forums | web_wiz_forums | 7.51 | cpe:2.3:a:web_wiz_forums:web_wiz_forums:7.51:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Web Wiz Forum 6.34/7.x - 'search.asp' SQL Injection
2006-10-28 00:00:00
cvelist
cvelist
CVE-2006-5635
2006-11-01 00:00:00
nvd
nvd
CVE-2006-5635
2006-11-01 00:07:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.002
Percentile
55.6%
Related for CVE-2006-5635