Lucene search

MitreCVE-2006-5641

HistoryNov 01, 2006 - 12:07 a.m.

CVE-2006-5641

2006-11-0100:07:00

mitre

web.nvd.nist.gov

sql injection

mainannounce2.asp

techno dreams announcement

remote attackers

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.003

Percentile

71.9%

JSON

SQL injection vulnerability in MainAnnounce2.asp in Techno Dreams Announcement allows remote attackers to execute arbitrary SQL commands via the key parameter.

Affected configurations

Nvd

Node

techno_dreamsannouncement_script

VendorProductVersionCPE
techno_dreamsannouncement_script*cpe:2.3:a:techno_dreams:announcement_script:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
techno_dreams	announcement_script	*	cpe:2.3:a:techno_dreams:announcement_script::::::::

References

secunia.com/advisories/22598

www.securityfocus.com/bid/20794

www.vupen.com/english/advisories/2006/4276

exchange.xforce.ibmcloud.com/vulnerabilities/29870

www.exploit-db.com/exploits/2683

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.003

Percentile

71.9%

JSON

Related for CVE-2006-5641