Lucene search

[email protected]CVE-2006-5707

HistoryNov 04, 2006 - 1:07 a.m.

CVE-2006-5707

2006-11-0401:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5707

sql injection

index.php

phpeasydata pro

remote attackers

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.092 Low

EPSS

Percentile

94.6%

JSON

SQL injection vulnerability in index.php in PHPEasyData Pro 1.4.1 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter.

CPENameOperatorVersion
phpeasydata_pro:phpeasydata_prophpeasydata proeq2.2.1
phpeasydata_pro:phpeasydata_prophpeasydata proeq1.4.1

CPE	Name	Operator	Version
phpeasydata_pro:phpeasydata_pro	phpeasydata pro	eq	2.2.1
phpeasydata_pro:phpeasydata_pro	phpeasydata pro	eq	1.4.1

References

secunia.com/advisories/22616

securityreason.com/securityalert/1814

securitytracker.com/id?1017137

www.securityfocus.com/archive/1/450052/100/0/threaded

www.securityfocus.com/archive/1/450054/100/0/threaded

www.securityfocus.com/bid/20790

www.vupen.com/english/advisories/2006/4263

exchange.xforce.ibmcloud.com/vulnerabilities/29866

www.exploit-db.com/exploits/2675

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.092 Low

EPSS

Percentile

94.6%

JSON