Lucene search

[email protected]CVE-2006-5802

HistoryNov 08, 2006 - 8:07 p.m.

CVE-2006-5802

2006-11-0820:07:00

[email protected]

web.nvd.nist.gov

cve

2006

5802

sql injection

message_details.php

web drivers simple forum

nvd

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.9%

JSON

SQL injection vulnerability in message_details.php in The Web Drivers Simple Forum, dated 20060318, allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

NVD

Node

the_web_driverssimple_forum

CPENameOperatorVersion
the_web_drivers:simple_forumthe web drivers simple forumeq*

CPE	Name	Operator	Version
the_web_drivers:simple_forum	the web drivers simple forum	eq	*

References

secunia.com/advisories/22706

www.securityfocus.com/bid/20937

www.vupen.com/english/advisories/2006/4351

exchange.xforce.ibmcloud.com/vulnerabilities/30020

www.exploit-db.com/exploits/2722

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.9%

JSON

Related for CVE-2006-5802

nvd1 cvelist1